Ethical hacking tools and resources for penetration testing and red team operations. Task: C2Explore 30 curated tools and resources
Want your tool featured here?
Get maximum visibility with pinned placement
C3 is a framework for creating custom C2 channels, integrating with existing offensive toolkits.
C3 is a framework for creating custom C2 channels, integrating with existing offensive toolkits.
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.
Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.
A specification/framework for extending default C2 communication channels in Cobalt Strike
A specification/framework for extending default C2 communication channels in Cobalt Strike
Python framework for building and utilizing interfaces to transfer data between frameworks with a focus on Command and Control frameworks.
Python framework for building and utilizing interfaces to transfer data between frameworks with a focus on Command and Control frameworks.
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang for efficient and secure communication.
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang for efficient and secure communication.
Alpha release of External C2 framework for Cobalt Strike with enhanced data channels.
Alpha release of External C2 framework for Cobalt Strike with enhanced data channels.
A comprehensive guide for customizing Cobalt Strike's C2 profiles to enhance stealth and operational security.
A comprehensive guide for customizing Cobalt Strike's C2 profiles to enhance stealth and operational security.
A free and open source C2 and proxy for penetration testers
A C2 profile generator for Cobalt Strike designed to enhance evasion.
A C2 profile generator for Cobalt Strike designed to enhance evasion.
A lightweight, first-stage C2 implant written in Nim for remote access and control.
A lightweight, first-stage C2 implant written in Nim for remote access and control.
A covert channel technique that uses WebDAV protocol features to deliver malicious payloads and establish C2 communication while bypassing security controls.
A covert channel technique that uses WebDAV protocol features to deliver malicious payloads and establish C2 communication while bypassing security controls.
A COM Command & Control framework using JScript for stealthy and flexible command and control capabilities on Windows systems.
A COM Command & Control framework using JScript for stealthy and flexible command and control capabilities on Windows systems.
A cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments
A cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments
Using Apache mod_rewrite as a redirector to filter C2 traffic for Cobalt Strike servers.
Using Apache mod_rewrite as a redirector to filter C2 traffic for Cobalt Strike servers.
A C#-based Command and Control Framework for remote access and control of compromised systems.
A C#-based Command and Control Framework for remote access and control of compromised systems.
Covenant is a .NET C2 framework for red teamers, facilitating collaborative and efficient management of red team operations.
Covenant is a .NET C2 framework for red teamers, facilitating collaborative and efficient management of red team operations.
Generates randomized C2 profiles for Cobalt Strike to evade detection.
Generates randomized C2 profiles for Cobalt Strike to evade detection.
CobaltBus enables Cobalt Strike C2 traffic via Azure Servicebus for enhanced covert operations.
CobaltBus enables Cobalt Strike C2 traffic via Azure Servicebus for enhanced covert operations.
MITRE Caldera™ is a cybersecurity platform that automates adversary emulation and supports red team operations through a modular framework built on MITRE ATT&CK.
MITRE Caldera™ is a cybersecurity platform that automates adversary emulation and supports red team operations through a modular framework built on MITRE ATT&CK.
A tool that checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names.
A tool that checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names.
A C2 front flow control tool designed to evade detection by Blue Teams, AVs, and EDRs.
A C2 front flow control tool designed to evade detection by Blue Teams, AVs, and EDRs.
RedWarden is a Cobalt Strike C2 Reverse proxy that evades detection by Blue Teams, AVs, EDRs, and scanners through packet inspection and malleable profile correlation.
RedWarden is a Cobalt Strike C2 Reverse proxy that evades detection by Blue Teams, AVs, EDRs, and scanners through packet inspection and malleable profile correlation.
Modern, asynchronous, multiplayer & multiserver C2/post-exploitation framework with Python 3 and .NETs DLR.
Modern, asynchronous, multiplayer & multiserver C2/post-exploitation framework with Python 3 and .NETs DLR.