C2
☆122Dec 29, 2025Updated 2 months ago
Alternatives and similar repositories for awesome-C2
Users that are interested in awesome-C2 are comparing it to the libraries listed below
Sorting:
- ☆17Apr 18, 2023Updated 2 years ago
- shellcode-loaders and beacon-loaders☆72Nov 7, 2023Updated 2 years ago
- Implementation of several code injection techniques.☆24Mar 12, 2022Updated 3 years ago
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆61Aug 31, 2022Updated 3 years ago
- Various methods of executing shellcode☆74Mar 27, 2023Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆66May 2, 2023Updated 2 years ago
- Six cases demonstrating methods of optimizing GetProcAddress☆18Jan 3, 2022Updated 4 years ago
- ☆20Jul 23, 2023Updated 2 years ago
- Modules used by the Havoc Framework☆262Jun 17, 2024Updated last year
- ☆60Jun 26, 2022Updated 3 years ago
- Bypass Malware Time Delays☆107Sep 23, 2022Updated 3 years ago
- Windows Thread Pool Injection Havoc Implementation☆33Mar 23, 2024Updated last year
- ☆16Apr 21, 2023Updated 2 years ago
- 这是一个shellcode简单的示例demo,使目标exe程序转换为shellcode可执行程序的一个demo【并不打算后期维护】,两年前写的,我发现被工作磨平了对技术的探索,今天翻到发现的。☆11Sep 23, 2023Updated 2 years ago
- It stinks☆105Apr 22, 2022Updated 3 years ago
- CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution☆51Apr 22, 2024Updated last year
- 🔎🪲 Malleable C2 profiles parser and assembler written in golang☆65May 13, 2024Updated last year
- ☆60Jan 9, 2023Updated 3 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆32Aug 12, 2022Updated 3 years ago
- Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven☆261Oct 16, 2024Updated last year
- red or blue☆14Apr 20, 2023Updated 2 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 2 years ago
- A malicious keyboard that delivers a multi-staged attack, consisting of a trojan payload which can bypass antivirus, with Windows machine…☆17Mar 23, 2025Updated 11 months ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆108Mar 8, 2023Updated 2 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆140Sep 12, 2022Updated 3 years ago
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback☆68Sep 15, 2022Updated 3 years ago
- C# implementation of Shellcode delivery techniques using PInvoke and DInvoke variations for API calling.☆37Dec 20, 2021Updated 4 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆58Feb 2, 2026Updated last month
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆614Jan 2, 2025Updated last year
- all credits go to @mgeeky☆65Oct 14, 2021Updated 4 years ago
- C# havoc implant☆101Feb 12, 2023Updated 3 years ago
- ☆73Jul 22, 2025Updated 7 months ago
- PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.☆622Sep 26, 2023Updated 2 years ago
- This script will not work with the latest version of chrome☆13May 11, 2025Updated 9 months ago
- ☆14Nov 29, 2021Updated 4 years ago
- ShellOrd is a C2 (Command & Control) framework cross-platform and agent written in Rust & Java☆15Sep 2, 2024Updated last year
- Havoc plugin allowing in-memory execution of PowerShell cmdlets☆13Dec 14, 2023Updated 2 years ago
- A Docker container used to easily compile Nim binaries generated by my tools (NimPackt and NimPlant)☆16Aug 31, 2023Updated 2 years ago