A list of JARM hashes for different ssl implementations used by some C2/red team tools.
☆144Apr 20, 2023Updated 2 years ago
Alternatives and similar repositories for C2-JARM
Users that are interested in C2-JARM are comparing it to the libraries listed below
Sorting:
- pyJARM is a library for doing JARM fingerprinting using python☆50Mar 23, 2025Updated 11 months ago
- ☆1,280Jul 13, 2023Updated 2 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- ☆451Aug 4, 2021Updated 4 years ago
- Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers.☆47Feb 17, 2021Updated 5 years ago
- Simple CLI utility to save off an image from every webcam hooked into a mac☆14May 20, 2021Updated 4 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆74Jan 26, 2022Updated 4 years ago
- Active C2 IoCs☆99Nov 28, 2022Updated 3 years ago
- Import specific data sources into the Sigma generic and open signature format.☆79May 6, 2022Updated 3 years ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆154Apr 25, 2022Updated 3 years ago
- Tool to download, install, and run macOS capable command & control servers (i.e., C2s with macOS payloads/clients) as docker containers f…☆19Dec 29, 2020Updated 5 years ago
- C2 Active Scanner☆59Jun 19, 2024Updated last year
- Automatically created C2 Feeds☆666Updated this week
- Scan files or process memory for CobaltStrike beacons and parse their configuration☆922Aug 19, 2021Updated 4 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆108Feb 12, 2023Updated 3 years ago
- ☆24Sep 28, 2022Updated 3 years ago
- Code and yara rules to detect and analyze Cobalt Strike☆272May 5, 2021Updated 4 years ago
- Threat Box Assessment Tool☆19Aug 15, 2021Updated 4 years ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆54Jul 11, 2021Updated 4 years ago
- ☆15May 26, 2021Updated 4 years ago
- Automatically create YARA rules from malicious documents.☆211May 16, 2022Updated 3 years ago
- A collection of scripts for dealing with Cobalt Strike beacons in Python☆169Jan 5, 2021Updated 5 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆223May 1, 2021Updated 4 years ago
- ☆18Jul 3, 2020Updated 5 years ago
- The mission of Black Lotus Labs is to leverage our network visibility to both help protect customers and keep the internet clean.☆12Jun 18, 2021Updated 4 years ago
- A Modular MWDB Utility to Collect Fresh Malware Samples☆34May 17, 2021Updated 4 years ago
- ☆1,130Dec 19, 2023Updated 2 years ago
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles☆186Jun 23, 2025Updated 8 months ago
- ☆215Jun 5, 2025Updated 8 months ago
- Petaq - Purple Team Command & Control Server☆105Dec 8, 2022Updated 3 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- Standardized Malware Analysis Tool☆56Mar 9, 2021Updated 4 years ago
- A suite of tools to disrupt campaigns using the Sliver C2 framework.☆282Aug 5, 2023Updated 2 years ago
- Yara rules☆22Mar 27, 2023Updated 2 years ago
- ☆34Nov 11, 2025Updated 3 months ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆218Mar 5, 2020Updated 5 years ago
- PoC of macho loading from memory☆58Nov 18, 2024Updated last year
- OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…☆13Oct 27, 2024Updated last year
- A list of JARM fingerprints from malicious IPs, matched against known C2 fingerprints.☆12Jun 9, 2025Updated 8 months ago