A library to parse, modify, and implement Malleable C2 profiles
☆27Feb 9, 2019Updated 7 years ago
Alternatives and similar repositories for MalleableC2Parser
Users that are interested in MalleableC2Parser are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆41Jul 9, 2023Updated 2 years ago
- Reports on Driver, LSASS and other security services mitigations☆35Aug 18, 2025Updated 9 months ago
- A collection of sample code used in some experiments with Sliver C2☆17Mar 28, 2023Updated 3 years ago
- Find jmp gadgets for call stack spoofing.☆83Oct 1, 2025Updated 7 months ago
- ☆14Sep 22, 2019Updated 6 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- My musings with C#☆28Dec 23, 2022Updated 3 years ago
- Red Team Coin for crypto-mining operations.☆24Mar 1, 2026Updated 2 months ago
- Local SYSTEM auth trigger for relaying - X☆155Jul 23, 2025Updated 10 months ago
- Specialized tool to dump Position Independent Code.☆22Aug 4, 2020Updated 5 years ago
- 解析netsh抓取的etl文件来定位windows主机上存在ICMP通信的进程与文件的小工具☆31Apr 22, 2022Updated 4 years ago
- A script that can be deployed to Azure App for C2 / Proxy / Redirector☆42May 17, 2019Updated 7 years ago
- ☆37Nov 4, 2017Updated 8 years ago
- Cross-platform proxy selection with optional native authentication negotiation☆53Feb 25, 2023Updated 3 years ago
- DoublePulsar (Position-Independent) Shellcode (Windows 7 SP1 x64)☆28Mar 11, 2020Updated 6 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆14Oct 25, 2019Updated 6 years ago
- C# DCOM Execution☆17Aug 4, 2019Updated 6 years ago
- A stealthier approach to WMI-based command execution using Impacket without touching the disk.☆83Mar 15, 2026Updated 2 months ago
- Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLL…☆185Mar 13, 2023Updated 3 years ago
- Dump Citrix Secure Access auth cookie from the process memory☆76Jun 24, 2022Updated 3 years ago
- Implant drop-in for EDR testing☆148Nov 15, 2023Updated 2 years ago
- ps-like .NET Assembly for enumerating processes on the current machine or a remote machine.☆13Aug 12, 2019Updated 6 years ago
- A fast python tool for creating permutations of alphanumerics☆11Mar 22, 2020Updated 6 years ago
- Execute Shellcode And Other Goodies From MMC☆14Jun 17, 2015Updated 10 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Parses logs created by Cobalt Strike, Brute Ratel, OC2 and creates an SQLite DB which can be used to create custom reports.☆27Mar 18, 2026Updated 2 months ago
- ☆121Jun 17, 2022Updated 3 years ago
- Extracts all base64 ticket data from a rubeus /dump file and converts the tickets to ccache files for easy use with other tools.☆67Oct 3, 2020Updated 5 years ago
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…☆175Sep 3, 2025Updated 8 months ago
- It's what all the kids are talking about☆12Apr 25, 2023Updated 3 years ago
- Bunch of BOF files☆41Jun 30, 2025Updated 10 months ago
- A pointer encryption library intended for Red Team implant design in Rust.☆68Oct 1, 2025Updated 7 months ago
- Former UEFI Firmware Rootkit Replicating MoonBounce / ESPECTRE☆11Jun 14, 2022Updated 3 years ago
- MuddyWater C2 framework research☆12Jun 28, 2023Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Classic Bofa adapted to CobaltStrike.☆11Oct 4, 2022Updated 3 years ago
- Port of Invoke-Excel4DCOM☆104Oct 12, 2019Updated 6 years ago
- Easy encrypt/decrypt data with TPM☆25Feb 28, 2024Updated 2 years ago
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆65Jun 23, 2025Updated 11 months ago
- Sliver extension performing TCP redirection tasks without performing cross-process injection.☆68Jan 14, 2025Updated last year
- ☆15Feb 9, 2022Updated 4 years ago
- Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.☆47Jun 5, 2017Updated 8 years ago