Echos is a stealthy C2 traffic emulator built in Rust for Red Teamers. It simulates adversarial beaconing patterns and custom jitter to test EDR/NDR detection logic. Ideal for validating network security signatures in a safe, modular framework.
☆34Jun 2, 2026Updated last month
Alternatives and similar repositories for Echos
Users that are interested in Echos are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- psexec-like remote execution using the paexec wire protocol that supports paexec and remoteexecm2 from manageengine adselfservice plus☆43Mar 24, 2026Updated 3 months ago
- Transform LDAP filters, BaseDNs, attribute lists, and attribute entries using composable middleware chains. Zero dependencies. Works as a…☆42Apr 13, 2026Updated 3 months ago
- Dockerized template to build CS BOFs using clang-cl☆26Jan 29, 2026Updated 5 months ago
- takes shellcode bad-bytes and banishes them, returning cleaned shellcode with preserved functionalities☆63Mar 1, 2026Updated 4 months ago
- Next-Generation BOF Template | BOF Linter | Obj Rewriter☆58Dec 4, 2025Updated 7 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A Cobalt Strike BOF implementation of the SilentHarvest registry dumping technique☆182Apr 14, 2026Updated 3 months ago
- AWS SSO Device-Code Phishing Toolkit for Red / Purple Teams☆23Mar 10, 2026Updated 4 months ago
- A modern GoPhish fork with improved tracking accuracy and smarter detection.☆93Feb 16, 2026Updated 5 months ago
- Tailscale/Headscale C2 profile and agent for Mythic☆25Mar 14, 2026Updated 4 months ago
- Shroudware is a compile-time obfuscation library implemented entirely in the C preprocessor.☆27Apr 12, 2026Updated 3 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆42Aug 5, 2025Updated 11 months ago
- BOF POC of the DSCourier project / invoking WinGet via COM☆90Apr 23, 2026Updated 2 months ago
- Async BOF to automatically extract or renew Kerberos TGTs on a target system.☆134Updated this week
- ☆85Feb 12, 2026Updated 5 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A Cobalt Strike Beacon Object File that exploits the BlueHammer vulnerability that to obtain a copy of the SAM database.☆166Apr 15, 2026Updated 3 months ago
- One PsExec client to rule them all☆15Mar 25, 2026Updated 3 months ago
- Evasion kit for Cobalt Strike☆30Jan 16, 2026Updated 6 months ago
- Lnk crafting and research tools☆181Mar 4, 2026Updated 4 months ago
- In-memory BOF implementation of Silent Process Exit LSASS dump via RtlReportSilentProcessExit☆19Apr 14, 2026Updated 3 months ago
- Rusty Armory - Beacon Object Files (BOFs) in Rust (Codename: Armory)☆69Apr 3, 2026Updated 3 months ago
- open source implementation of the UDC2 spec used in Cobalt Strike☆54Jul 4, 2026Updated last week
- Repository hosting a hypothetical EDR Spoofer, as discovered originally by Nightmare-Eclipse☆41May 27, 2026Updated last month
- Tyche is a Mythic HTTPX Profile Generator used to create Malleable C2 Profiles.☆46Mar 28, 2026Updated 3 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- .NET CLR-Stomping☆146May 20, 2026Updated last month
- A cmake template for crystal palace☆43Dec 20, 2025Updated 6 months ago
- PoC for CVE-2026-3609 - XIGNCODE3 xhunter1.sys handle leak enabling PPL bypass and LSASS dumping☆29May 12, 2026Updated 2 months ago
- An example of how a driver can register a handle creation callback.☆16Jun 12, 2023Updated 3 years ago
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆55Nov 2, 2025Updated 8 months ago
- Evasive loader for .NET Framework assemblies☆82May 12, 2026Updated 2 months ago
- Orchestrate detonating redteam artifacts in VMs with different EDRs to see their detection surface.☆63Jun 24, 2026Updated 3 weeks ago
- Phantom is project created to perform loading and executing unmanaged code in memory within an IIS environment running in full‑trust mode…☆107Jun 5, 2026Updated last month
- AdaptixC2 default beacon agent extended to support Crystal Palace loaders.☆63May 4, 2026Updated 2 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Native C++ access to Active Directory over ADWS, no .NET, no WCF, no HTTP stack.☆81Mar 27, 2026Updated 3 months ago
- InfraGuard is a Command & Control Redirection Proxy and Manager which protects your Red Team Infrastructure against threat attribution☆161Updated this week
- A modern alternative Web-UI for the Mythic Command and Control Server☆79Jul 3, 2026Updated last week
- A Cobalt Strike RL built with Crystal Palac; module overloading, NtContinue entry transfer, call stack spoofing, sleep masking, and stati…☆225Mar 15, 2026Updated 4 months ago
- Adaptix C2 service plugin that drives LitterBox payload analysis from the operator UI.☆61May 4, 2026Updated 2 months ago
- User-mode ETW interception and telemetry manipulation lab for Windows security research.☆42Jun 15, 2026Updated last month
- Open Source Implementation of Cobalt Strike's Malleable C2☆104Jun 27, 2026Updated 2 weeks ago