Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
-
Updated
Aug 4, 2021 - Go
#
c2
Here are 106 public repositories matching this topic...
Covenant is a collaborative .NET C2 framework for red teamers.
-
Updated
Aug 25, 2021 - C#
Adversary Emulation Framework
dns
golang
http
gplv3
dns-server
sliver
red-team
security-tools
c2
red-team-engagement
command-and-control
implant
adversarial-attacks
red-teaming
adversary-simulation
-
Updated
Sep 9, 2021 - Go
nil0x42
commented
Oct 3, 2020
Current implementation of proclist plugin uses win32_ps_list_procs() php function on Windows host.
Therefore, linux implementation is a simple system("ps -a"), which is OPSEC unsafe, an would probably trigger EDR alerts.
A better implementation should avoid relying on system command execution.
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
-
Updated
Aug 9, 2021 - PowerShell
RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.
rat
malware-analysis
c2
command-and-control
remote-access-tool
remote-administration-tool
command-control
rat-analysis
rat-malware
-
Updated
Feb 17, 2020
Starkiller is a Frontend for PowerShell Empire.
-
Updated
Jul 27, 2021 - Vue
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
agent
kubernetes
golang
security
containers
http2
post-exploitation
security-tools
c2
penetration-testing-framework
command-and-control
red-teams
penetration-testing-tools
redteam-tools
-
Updated
Jun 20, 2021 - Go
Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
rust
security
virus
scanner
phishing
wasm
hacking
audit
trojan
bug-bounty
infosec
pentesting
beacon
pentest
offensive-security
red-team
security-tools
c2
bug-hunting
shellcodes
-
Updated
Sep 6, 2021 - Rust
go
windows
macos
linux
golang
security
qt
cross-platform
grpc
trojan
rat
macosx
post-exploitation
beacon
cobalt-strike
red-team
c2
redteam
cobaltstrike
-
Updated
Sep 9, 2021 - C++
DeimosC2 is a Golang command and control framework for post-exploitation.
-
Updated
Aug 25, 2021 - Vue
Open source pre-operation C2 server based on python and powershell
-
Updated
Jul 6, 2021 - Python
-
Updated
Aug 30, 2021 - Go
A Golang implant that uses Slack as a command and control server
python
golang
penetration-testing
pentest
red-team
remote-admin-tool
c2
command-and-control
penetration-testing-tools
-
Updated
Apr 7, 2021 - Python
Some notes and examples for cobalt strike's functionality
-
Updated
Apr 21, 2021
[Draft]Awesome Cyber Security Resource Collection. Currently contains 8000+ open source repositories, and not very well classified. For each repository, extra info included: star count, commit count, last update time. This is the DRAFT version.
osint
anti-virus
password
owasp
vulnerability
recon
post-exploitation
burp
pentest
payload
privilege-escalation
iot-security
kali
cobalt-strike
social-engineering-attacks
metasploit
data-exfiltration
c2
wifi-hacking
threat-hunt
-
Updated
Dec 23, 2019
FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
security
powershell
python3
cybersecurity
post-exploitation
offensive-security
security-tools
c2
command-and-control
redteam
implant
purpleteam
readteaming
-
Updated
Mar 25, 2021 - Python
link is a command and control framework written in rust
-
Updated
Aug 18, 2021 - Rust
Cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still working to allow testing other Cloud Providers and DevOps Components.
-
Updated
Sep 3, 2021 - Python
CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.
shell
dns
backdoor
reverse-shell
penetration-testing
dns-server
information-security
kali-linux
offensive-security
exfiltration
kali
bypass-antivirus
antivirus-evasion
c2
social-engineering
kali-scripts
amsi
-
Updated
Jul 27, 2021 - PowerShell
Responsive Command and Control System
-
Updated
Jul 13, 2021 - HTML
Shadow Workers is a free and open source C2 and proxy designed for penetration testers to help in the exploitation of XSS and malicious Service Workers (SW)
-
Updated
Aug 12, 2020 - JavaScript
PickleC2 is a post-exploitation and lateral movements framework
-
Updated
Jul 26, 2021 - PowerShell
Cyberdelia, a Collection of Command and Control frameworks
-
Updated
Oct 16, 2019 - Shell
Check Domain Fronting (chkdfront) - It checks if your domain fronting is working
-
Updated
Jun 26, 2021 - Ruby
Decentralised P2P botnet using toxcore.
go
golang
botnet
virus
end-to-end
peer-to-peer
decentralized
malware
p2p
distributed
encrypted
tox
toxcore
end-to-end-encryption
c2
implant
p2p-botnet
-
Updated
Aug 29, 2021 - Go
Improve this page
Add a description, image, and links to the c2 topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the c2 topic, visit your repo's landing page and select "manage topics."
Empire Version
OS Information (Linux flavor, Python version)
Describe the bug
All four RESTful API end points listed at https://github.com/BC-SECURITY/Empire/wiki/RESTful-API#admin-functionality have incorrect handlers. The handler should be: GET /api/admin/[endpoint].
To Reproduce
Steps to reproduce the behavior: