threatexpress/cs2modrewrite external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

threatexpress/cs2modrewrite

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/threatexpress/cs2modrewrite)

Close

threatexpress / cs2modrewriteView on GitHubMore

• External links
• Readme badge

Convert Cobalt Strike profiles to modrewrite scripts

☆611Jan 30, 2023Updated 3 years ago

Alternatives and similar repositories for cs2modrewrite

Users that are interested in cs2modrewrite are comparing it to the libraries listed below

• threatexpress / malleable-c2

  View on GitHub
  Cobalt Strike Malleable C2 Design and Reference Guide
  ☆1,750Dec 13, 2023Updated 2 years ago
• RedSiege / C2concealer

  View on GitHub
  C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike.
  ☆1,098Jun 25, 2024Updated last year
• Tylous / SourcePoint

  View on GitHub
  SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
  ☆1,199Apr 16, 2025Updated 10 months ago
• harleyQu1nn / AggressorScripts

  View on GitHub
  Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
  ☆1,529Jun 30, 2023Updated 2 years ago
• CCob / BOF.NET

  View on GitHub
  A .NET Runtime for Cobalt Strike's Beacon Object Files
  ☆772Sep 4, 2024Updated last year
• mgeeky / RedWarden

  View on GitHub
  Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
  ☆991Oct 7, 2022Updated 3 years ago
• boku7 / spawn

  View on GitHub
  Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…
  ☆469Mar 8, 2023Updated 2 years ago
• bluscreenofjeff / Malleable-C2-Randomizer

  View on GitHub
  A script to randomize Cobalt Strike Malleable C2 profiles and reduce the chances of flagging signature-based detection controls
  ☆454Sep 9, 2022Updated 3 years ago
• 0xthirteen / MoveKit

  View on GitHub
  Cobalt Strike kit for Lateral Movement
  ☆678Feb 21, 2020Updated 6 years ago
• RCStep / CSSG

  View on GitHub
  Cobalt Strike Shellcode Generator
  ☆669Jan 8, 2025Updated last year
• mgeeky / cobalt-arsenal

  View on GitHub
  My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
  ☆1,097Apr 19, 2023Updated 2 years ago
• boku7 / injectAmsiBypass

  View on GitHub
  Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
  ☆382Mar 8, 2023Updated 2 years ago
• 0xthirteen / StayKit

  View on GitHub
  Cobalt Strike kit for Persistence
  ☆494Jan 27, 2020Updated 6 years ago
• rvrsh3ll / CPLResourceRunner

  View on GitHub
  Run shellcode from resource
  ☆259Dec 13, 2020Updated 5 years ago
• threatexpress / random_c2_profile

  View on GitHub
  Cobalt Strike random C2 Profile generator
  ☆685Jan 5, 2023Updated 3 years ago
• rsmudge / unhook-bof

  View on GitHub
  Remove API hooks from a Beacon process.
  ☆282Sep 18, 2021Updated 4 years ago
• dcsync / pycobalt

  View on GitHub
  Cobalt Strike Python API
  ☆304Jan 27, 2022Updated 4 years ago
• boku7 / BokuLoader

  View on GitHub
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆1,401Nov 22, 2023Updated 2 years ago
• SpiderLabs / SharpCompile

  View on GitHub
  SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approa…
  ☆290Aug 7, 2020Updated 5 years ago
• trustedsec / CS-Situational-Awareness-BOF

  View on GitHub
  Situational Awareness commands implemented using Beacon Object Files
  ☆1,722Feb 23, 2026Updated last week
• b4rtik / ATPMiniDump

  View on GitHub
  Evading WinDefender ATP credential-theft
  ☆255Dec 2, 2019Updated 6 years ago
• rsmudge / Malleable-C2-Profiles

  View on GitHub
  Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…
  ☆1,584May 18, 2021Updated 4 years ago
• JamesCooteUK / SharpSphere

  View on GitHub
  .NET Project for Attacking vCenter
  ☆553Nov 11, 2021Updated 4 years ago
• outflanknl / FindObjects-BOF

  View on GitHub
  A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…
  ☆275May 3, 2023Updated 2 years ago
• ajpc500 / BOFs

  View on GitHub
  Collection of Beacon Object Files
  ☆633Nov 1, 2022Updated 3 years ago
• ryhanson / ExternalC2

  View on GitHub
  A library for integrating communication channels with the Cobalt Strike External C2 server
  ☆290Nov 23, 2017Updated 8 years ago
• outflanknl / WdToggle

  View on GitHub
  A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.
  ☆220May 3, 2023Updated 2 years ago
• bluscreenofjeff / AggressorScripts

  View on GitHub
  Aggressor scripts for use with Cobalt Strike 3.0+
  ☆885Sep 9, 2022Updated 3 years ago
• ReversecLabs / C3

  View on GitHub
  Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…
  ☆1,729Jan 16, 2026Updated last month
• EncodeGroup / AggressiveProxy

  View on GitHub
  Project to enumerate proxy configurations and generate shellcode from CobaltStrike
  ☆140Nov 4, 2020Updated 5 years ago
• xx0hcd / Malleable-C2-Profiles

  View on GitHub
  Cobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike https://www.cobaltstrike.…
  ☆868Oct 28, 2022Updated 3 years ago
• Mr-Un1k0d3r / SCShell

  View on GitHub
  Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
  ☆1,607Jul 10, 2023Updated 2 years ago
• G0ldenGunSec / SharpSecDump

  View on GitHub
  .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py
  ☆611Feb 16, 2023Updated 3 years ago
• xorrior / raven

  View on GitHub
  CobaltStrike External C2 for Websockets
  ☆197Jul 16, 2019Updated 6 years ago
• darkoperator / vscode-language-aggressor

  View on GitHub
  Cobalt Strike Aggressor extension for Visual Studio Code
  ☆138Jun 20, 2024Updated last year
• CCob / SharpBlock

  View on GitHub
  A method of bypassing EDR's active projection DLL's by preventing entry point exection
  ☆1,163Mar 31, 2021Updated 4 years ago
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,006Jun 4, 2024Updated last year
• rasta-mouse / TikiTorch

  View on GitHub
  Process Injection
  ☆766Oct 24, 2021Updated 4 years ago
• Und3rf10w / Aggressor-scripts

  View on GitHub
  Aggressor scripts I've made for Cobalt Strike
  ☆413Jul 29, 2023Updated 2 years ago