ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
☆177Feb 14, 2026Updated 3 months ago
Alternatives and similar repositories for Atomic-Red-Team-C2
Users that are interested in Atomic-Red-Team-C2 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Run PowerShell command without invoking powershell.exe☆36Nov 22, 2021Updated 4 years ago
- Spray a hash via smb to check for local administrator access☆142Feb 7, 2021Updated 5 years ago
- AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Co…☆236Feb 15, 2021Updated 5 years ago
- Automated script for setting up CobaltStrike redirectors (nginx reverse proxy, letsencrypt)☆143Oct 31, 2017Updated 8 years ago
- BoobSnail allows generating Excel 4.0 XLM macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation.☆257Mar 6, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Shellcode runner in GO that incorporates shellcode encryption, remote process injection, block dlls, and spoofed parent process☆228Jul 30, 2020Updated 5 years ago
- ABUSING WINDOWS TELEMETRY FOR PERSISTENCE☆140Jul 2, 2020Updated 5 years ago
- Aggrokatz is an aggressor plugin extension for Cobalt Strike which enables pypykatz to interface with the beacons remotely and allows it …☆156Apr 27, 2021Updated 5 years ago
- A collection of various tools for red-teaming exercises. A mix of C#, Powershell, & Python☆107Jul 26, 2024Updated last year
- Iterative AD discovery toolkit for offensive operations☆86Mar 16, 2020Updated 6 years ago
- Use current thread token to execute command☆15Jan 27, 2021Updated 5 years ago
- This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes thr…☆195Jul 26, 2020Updated 5 years ago
- C# port of WMImplant which uses either CIM or WMI to query remote systems☆205Jul 14, 2021Updated 4 years ago
- Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.☆287Oct 29, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Load any Beacon Object File using Powershell!☆262Dec 9, 2021Updated 4 years ago
- Toolbox containing research notes & PoC code for weaponizing .NET's DLR☆528Jan 21, 2022Updated 4 years ago
- Just a PoC to turn xlsx (regular Excel files) into xlsm (Excel file with macro) and slipping inside a macro (vbaProject.bin)☆146Sep 4, 2021Updated 4 years ago
- Apply a filter to the events being reported by windows event logging☆265Apr 24, 2021Updated 5 years ago
- Vampire is an aggressor script which integrates with BloodHound to mark nodes as owned.☆79Apr 6, 2021Updated 5 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies☆324Apr 8, 2023Updated 3 years ago
- Pass the Hash to a named pipe for token Impersonation☆145May 1, 2021Updated 5 years ago
- Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…☆599Jul 26, 2021Updated 4 years ago
- Extended Process List (Search functionality)☆29Jan 23, 2021Updated 5 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Self-developed tools for Lateral Movement/Code Execution☆722Aug 17, 2021Updated 4 years ago
- I used this to see if an EDR is running in Safe Mode☆36Feb 13, 2021Updated 5 years ago
- inject shellcode into remote process via message hook☆15Oct 28, 2020Updated 5 years ago
- Core bypass Windows Defender and execute any binary converted to shellcode☆44Oct 12, 2021Updated 4 years ago
- 从入门到放弃的产物,学习过程中用python实现的一个单点c2基本功能☆11Mar 11, 2020Updated 6 years ago
- (kinda) Malicious Outlook Reader☆138Mar 3, 2021Updated 5 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆220Jul 14, 2021Updated 4 years ago
- Excel Macro Document Reader/Writer for Red Teamers & Analysts☆522May 19, 2026Updated last week
- Project to enumerate proxy configurations and generate shellcode from CobaltStrike☆140Nov 4, 2020Updated 5 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- ☆121Jun 17, 2022Updated 3 years ago
- POCs for Shellcode Injection via Callbacks☆415Feb 23, 2021Updated 5 years ago
- A Cobalt Strike tool to audit Active Directory user accounts for weak, well known or easy guessable passwords.☆443Apr 1, 2022Updated 4 years ago
- Petaq - Purple Team Command & Control Server☆104Dec 8, 2022Updated 3 years ago
- A method of bypassing EDR's active projection DLL's by preventing entry point exection☆1,166Mar 31, 2021Updated 5 years ago
- 后渗透持久化控制平台; Windows Persistence Platform;☆46Sep 16, 2021Updated 4 years ago
- Run shellcode from resource☆257Dec 13, 2020Updated 5 years ago