Alternatives and similar repositories for C2-framework:

Users that are interested in C2-framework are comparing it to the libraries listed below

• TimMisiak / RunWithDll
  A utility that can be used to launch an executable with a DLL injected
  ☆18Updated last year
• zer1t0 / keydump
  Dump Linux keyrings
  ☆19Updated 9 months ago
• CyberSecurityUP / ProcessKiller-BYOVD
  BYOVD Technique Example using viragt64 driver
  ☆38Updated 9 months ago
• cocomelonc / hack-process-hacker2
  Proof of Concept example for abusing Process Hacker 2 (v2.39.124)
  ☆21Updated 5 months ago
• zimnyaa / beepsyscall
  An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.
  ☆12Updated last year
• Quack2332 / Simple-C-Implant
  ☆11Updated 8 months ago
• iDigitalFlame / XrMT
  e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features!
  ☆24Updated 8 months ago
• 0xTriboulet / T-1
  T-1 is a shellcode loader that leverages ML techniques to detect VM environments
  ☆25Updated 5 months ago
• ELMERIKH / Beryl
  Payload Dropper with Persistance & Privesc & UAC bypass 🐱‍👤
  ☆13Updated last year
• OtterHacker / CoffLoader
  ☆53Updated 2 years ago
• maxDcb / C2Core
  Core Submodule of Exploration C2
  ☆16Updated 3 weeks ago
• knight0x07 / WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
  Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
  ☆41Updated last year
• adhikara13 / CVE-2024-3273
  Exploit for CVE-2024-3273, supports single and multiple hosts
  ☆13Updated last year
• EvilBytecode / PPID-Spoofing
  Parent Process ID Spoofing, coded in CGo.
  ☆21Updated this week
• lem0nSec / Alcatraz
  An example of Windows self-replicating malware.
  ☆10Updated 2 years ago
• EvilBytecode / EDR-XDR-AV-Bypass-Shellcode-Loader
  Bypassing Major EDR's with staged shellcode, custom getmodulehandleW and getprocaddress, veh syscalls & more.
  ☆17Updated this week
• Mazzy-Stars / lain_c2
  command control framework
  ☆21Updated 2 weeks ago
• fin3ss3g0d / HookFinder
  Simple PoC to locate hooked functions by EDR in ntdll.dll
  ☆36Updated last year
• XaFF-XaFF / WinREPL
  WinREPL is a "read-eval-print loop" shell on Windows that is useful for testing/learning x86 and x64 assembly.
  ☆14Updated 2 years ago
• EvilBytecode / Nyx-Full-Dll-Unhook
  (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.
  ☆18Updated this week
• tykawaii98 / CVE-2024-21338_PoC
  ☆39Updated 10 months ago
• maxDcb / C2Implant
  Windows C++ Implant for Exploration C2
  ☆29Updated last month
• hacksysteam / CVE-2021-45067
  Adobe Reader DC Information Leak Exploit
  ☆21Updated 2 years ago
• qwqdanchun / Revenge_RAT-v0.3
  ☆10Updated 4 years ago
• Ne0nd0g / merlin-cli
  gRPC client for the Merlin Server
  ☆21Updated last week
• qwqdanchun / RainbowSheep
  Change hash for a signed pe
  ☆16Updated last year
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆31Updated last year
• lem0nSec / SkeletonKey
  Reproducing the SkeletonKey malware.
  ☆11Updated last year
• furax124 / Protect_Loader
  A fucking real shellcode loader with a GUI. Work-in-Progress.
  ☆69Updated 3 months ago
• mastercodeon314 / NugetBackdoor
  A framework for backdooring Microsoft Nuget packages.
  ☆8Updated last year