Alternatives and similar repositories for Covert-C2

Users that are interested in Covert-C2 are comparing it to the libraries listed below

• CodeXTF2 / PyHmmm
  Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …
  ☆86Updated 2 years ago
• nopbrick / SeeProxy
  Golang reverse proxy with CobaltStrike malleable profile validation.
  ☆109Updated 3 years ago
• dobin / antniumui
  The Web UI for Antnium
  ☆27Updated 3 years ago
• kyxiaxiang / DetectCobaltStrike
  Detect Beacon Powerful (Include CobatStrike 4.10 Aha~)
  ☆21Updated last year
• brett-fitz / pyMalleableProfileParser
  Parses Cobalt Strike malleable C2 profiles.
  ☆60Updated this week
• dis0rder0x00 / ParentProcessManipulation-LNK
  Using LNK files and user input simulation to start processes under explorer.exe
  ☆33Updated last year
• sfewer-r7 / CVE-2023-27532
  Exploit for CVE-2023-27532 against Veeam Backup & Replication
  ☆115Updated 2 years ago
• Hypnoze57 / SharpHound4Cobalt
  C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET)
  ☆60Updated 2 years ago
• MythicC2Profiles / http
  Simple HTTP async comms using standard GET/POST requests
  ☆46Updated 3 months ago
• magnusstubman / tokenduplicator
  Tool to start processes as SYSTEM using token duplication
  ☆38Updated 5 years ago
• ustayready / roguerdp
  ☆33Updated 3 years ago
• Cobalt-Strike / icmp-udc2
  UDC2 implementation that provides an ICMP C2 channel
  ☆115Updated 2 months ago
• kymb0 / Stealth_shellcode_runners
  ☆57Updated last year
• Yair-Men / Passenger
  ProcExp Driver (Ab)use
  ☆22Updated 3 years ago
• Hagrid29 / DumpAADSyncCreds
  C# implementation of Get-AADIntSyncCredentials from AADInternals, which extracts Azure AD Connect credentials to AD and Azure AD from AAD…
  ☆45Updated 2 years ago
• knight0x07 / PoC-Malware-TTPs
  PoC-Malware-TTPs
  ☆49Updated 2 years ago
• An00bRektn / gopher47
  A third-party Gopher Assassin for the Havoc Framework.
  ☆44Updated 2 years ago
• ro0tmylove / CVE-2024-35250-BOF
  Cobalt Strike 的 CVE-2024-35250 的 BOF。(请给我加个星，谢谢。)
  ☆15Updated last year
• WKL-Sec / Winsocky
  Winsocket for Cobalt Strike.
  ☆102Updated 2 years ago
• Nicolas-Arsenault / Havoc-C2-RCE-2024
  Abusing SSRF to deliver an authenticated command injection payload
  ☆30Updated 5 months ago
• CodeXTF2 / HavocNotion
  A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …
  ☆91Updated 3 years ago
• breakid / SharpUtils
  A collection of C# utilities intended to be used with Cobalt Strike's execute-assembly
  ☆46Updated 2 years ago
• nullsection / Sneaky-DLL-Stager
  Reasonably undetected shellcode stager and executer.
  ☆36Updated 8 months ago
• Leo4j / SessionExec
  Execute commands in other Sessions
  ☆91Updated last year
• susMdT / SharpAgent
  C# havoc implant
  ☆100Updated 2 years ago
• Octoberfest7 / Cohab_Processes
  A small Aggressor script to help Red Teams identify foreign processes on a host machine
  ☆84Updated 3 years ago
• KINGSABRI / AssemblyLoader
  Various implementations for C# in memory execution. Assembly.Load() Assembly.LoadFile() AppDomain.ExecuteAssembly()
  ☆35Updated 4 years ago
• c3r3br4t3 / ShadowRDP
  ☆75Updated 2 years ago
• Kryp7os / SharpRBCD
  An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD
  ☆49Updated 11 months ago
• h4wkst3r / SharPersist
  Windows Persistence Toolkit in C#
  ☆37Updated 3 years ago