darmado / Atomic-Red-Team-C2View external linksLinks
ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
☆178Jan 24, 2026Updated 2 weeks ago
Alternatives and similar repositories for Atomic-Red-Team-C2
Users that are interested in Atomic-Red-Team-C2 are comparing it to the libraries listed below
Sorting:
- BoobSnail allows generating Excel 4.0 XLM macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation.☆259Mar 6, 2025Updated 11 months ago
- Spray a hash via smb to check for local administrator access☆142Feb 7, 2021Updated 5 years ago
- AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Co…☆233Feb 15, 2021Updated 4 years ago
- Iterative AD discovery toolkit for offensive operations☆85Mar 16, 2020Updated 5 years ago
- Shellcode runner in GO that incorporates shellcode encryption, remote process injection, block dlls, and spoofed parent process☆231Jul 30, 2020Updated 5 years ago
- This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes thr…☆196Jul 26, 2020Updated 5 years ago
- ABUSING WINDOWS TELEMETRY FOR PERSISTENCE☆140Jul 2, 2020Updated 5 years ago
- C# port of WMImplant which uses either CIM or WMI to query remote systems☆202Jul 14, 2021Updated 4 years ago
- A collection of various tools for red-teaming exercises. A mix of C#, Powershell, & Python☆108Jul 26, 2024Updated last year
- Just a PoC to turn xlsx (regular Excel files) into xlsm (Excel file with macro) and slipping inside a macro (vbaProject.bin)☆145Sep 4, 2021Updated 4 years ago
- Pass the Hash to a named pipe for token Impersonation☆146May 1, 2021Updated 4 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies☆325Apr 8, 2023Updated 2 years ago
- Automated script for setting up CobaltStrike redirectors (nginx reverse proxy, letsencrypt)☆144Oct 31, 2017Updated 8 years ago
- Aggrokatz is an aggressor plugin extension for Cobalt Strike which enables pypykatz to interface with the beacons remotely and allows it …☆156Apr 27, 2021Updated 4 years ago
- Self-developed tools for Lateral Movement/Code Execution☆720Aug 17, 2021Updated 4 years ago
- ☆121Jun 17, 2022Updated 3 years ago
- Vampire is an aggressor script which integrates with BloodHound to mark nodes as owned.☆79Apr 6, 2021Updated 4 years ago
- Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.☆281Oct 29, 2024Updated last year
- Toolbox containing research notes & PoC code for weaponizing .NET's DLR☆525Jan 21, 2022Updated 4 years ago
- Excel Macro Document Reader/Writer for Red Teamers & Analysts☆524Feb 1, 2022Updated 4 years ago
- FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads☆386Apr 16, 2022Updated 3 years ago
- Load any Beacon Object File using Powershell!☆260Dec 9, 2021Updated 4 years ago
- Run shellcode from resource☆260Dec 13, 2020Updated 5 years ago
- Petaq - Purple Team Command & Control Server☆105Dec 8, 2022Updated 3 years ago
- Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…☆595Jul 26, 2021Updated 4 years ago
- Run PowerShell command without invoking powershell.exe☆35Nov 22, 2021Updated 4 years ago
- A C2 post-exploitation framework☆483Jan 24, 2024Updated 2 years ago
- POCs for Shellcode Injection via Callbacks☆411Feb 23, 2021Updated 4 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆219Jul 14, 2021Updated 4 years ago
- Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual☆14Jul 13, 2022Updated 3 years ago
- A method of bypassing EDR's active projection DLL's by preventing entry point exection☆1,164Mar 31, 2021Updated 4 years ago
- Apply a filter to the events being reported by windows event logging☆264Apr 24, 2021Updated 4 years ago
- I used this to see if an EDR is running in Safe Mode☆36Feb 13, 2021Updated 5 years ago
- (kinda) Malicious Outlook Reader☆138Mar 3, 2021Updated 4 years ago
- Steal a primary token and spawn cmd.exe using the stolen token☆258Dec 20, 2020Updated 5 years ago
- ☆132Jul 14, 2021Updated 4 years ago
- Use current thread token to execute command☆15Jan 27, 2021Updated 5 years ago
- Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation☆992Oct 7, 2022Updated 3 years ago
- Cobalt Strike Shellcode Generator☆669Jan 8, 2025Updated last year