C2
Explore 39 curated tools and resources
Search by name, description, or purpose... (⌘+K)
PINNED
Promoted • 6 toolsCommercial
Data Protection
Commercial
Network Security
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
Silent Push Platform provides preemptive cyber defense by identifying malicious infrastructure before attacks are launched using Indicators of Future Attack (IOFA)™ technology.
Silent Push Platform provides preemptive cyber defense by identifying malicious infrastructure before attacks are launched using Indicators of Future Attack (IOFA)™ technology.
A threat intelligence service providing actionable IoCs and security data feeds to help organizations detect, block, and respond to cyber threats.
A threat intelligence service providing actionable IoCs and security data feeds to help organizations detect, block, and respond to cyber threats.
C3 is a framework for creating custom C2 channels, integrating with existing offensive toolkits.
C3 is a framework for creating custom C2 channels, integrating with existing offensive toolkits.
A company that helps organizations create security-aware teams and produce bug-free software.
A company that helps organizations create security-aware teams and produce bug-free software.
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.
Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.
A project that detects malicious SSL connections by identifying and blacklisting SSL certificates used by botnet C&C servers and identifying JA3 fingerprints to detect and block malware botnet C&C communication.
A project that detects malicious SSL connections by identifying and blacklisting SSL certificates used by botnet C&C servers and identifying JA3 fingerprints to detect and block malware botnet C&C communication.
A specification/framework for extending default C2 communication channels in Cobalt Strike
A specification/framework for extending default C2 communication channels in Cobalt Strike
Python framework for building and utilizing interfaces to transfer data between frameworks with a focus on Command and Control frameworks.
Python framework for building and utilizing interfaces to transfer data between frameworks with a focus on Command and Control frameworks.
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang for efficient and secure communication.
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang for efficient and secure communication.
Alpha release of External C2 framework for Cobalt Strike with enhanced data channels.
Alpha release of External C2 framework for Cobalt Strike with enhanced data channels.
A comprehensive guide for customizing Cobalt Strike's C2 profiles to enhance stealth and operational security.
A comprehensive guide for customizing Cobalt Strike's C2 profiles to enhance stealth and operational security.
A free and open source C2 and proxy for penetration testers
A C2 profile generator for Cobalt Strike designed to enhance evasion.
A C2 profile generator for Cobalt Strike designed to enhance evasion.
A lightweight, first-stage C2 implant written in Nim for remote access and control.
A lightweight, first-stage C2 implant written in Nim for remote access and control.
A covert channel technique that uses WebDAV protocol features to deliver malicious payloads and establish C2 communication while bypassing security controls.
A covert channel technique that uses WebDAV protocol features to deliver malicious payloads and establish C2 communication while bypassing security controls.
A COM Command & Control framework using JScript for stealthy and flexible command and control capabilities on Windows systems.
A COM Command & Control framework using JScript for stealthy and flexible command and control capabilities on Windows systems.
A cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments
A cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments
Using Apache mod_rewrite as a redirector to filter C2 traffic for Cobalt Strike servers.
Using Apache mod_rewrite as a redirector to filter C2 traffic for Cobalt Strike servers.
A framework for creating and executing pynids-based decoders and detectors of APT tradecraft
A framework for creating and executing pynids-based decoders and detectors of APT tradecraft
A C#-based Command and Control Framework for remote access and control of compromised systems.
A C#-based Command and Control Framework for remote access and control of compromised systems.
Covenant is a .NET C2 framework for red teamers, facilitating collaborative and efficient management of red team operations.
Covenant is a .NET C2 framework for red teamers, facilitating collaborative and efficient management of red team operations.
Generates randomized C2 profiles for Cobalt Strike to evade detection.
Generates randomized C2 profiles for Cobalt Strike to evade detection.
A tool for injecting and loading executables with a focus on stealth techniques.
A tool for injecting and loading executables with a focus on stealth techniques.
RDP based Honeypot that creates virtual machines for incoming connections and analyzes traffic with Suricata.
CobaltBus enables Cobalt Strike C2 traffic via Azure Servicebus for enhanced covert operations.
CobaltBus enables Cobalt Strike C2 traffic via Azure Servicebus for enhanced covert operations.
HonnyPotter is a WordPress plugin that logs all failed login attempts, with a caution to use it at your own risk.
HonnyPotter is a WordPress plugin that logs all failed login attempts, with a caution to use it at your own risk.
MITRE Caldera™ is a cybersecurity platform that automates adversary emulation and supports red team operations through a modular framework built on MITRE ATT&CK.
MITRE Caldera™ is a cybersecurity platform that automates adversary emulation and supports red team operations through a modular framework built on MITRE ATT&CK.
A tool that checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names.
A tool that checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names.
A C2 front flow control tool designed to evade detection by Blue Teams, AVs, and EDRs.
A C2 front flow control tool designed to evade detection by Blue Teams, AVs, and EDRs.
RedWarden is a Cobalt Strike C2 Reverse proxy that evades detection by Blue Teams, AVs, EDRs, and scanners through packet inspection and malleable profile correlation.
RedWarden is a Cobalt Strike C2 Reverse proxy that evades detection by Blue Teams, AVs, EDRs, and scanners through packet inspection and malleable profile correlation.
Modern, asynchronous, multiplayer & multiserver C2/post-exploitation framework with Python 3 and .NETs DLR.
Modern, asynchronous, multiplayer & multiserver C2/post-exploitation framework with Python 3 and .NETs DLR.
Pupy is a cross-platform C2 and post-exploitation framework for remote access and control of compromised systems across various operating systems.
Pupy is a cross-platform C2 and post-exploitation framework for remote access and control of compromised systems across various operating systems.
AzureC2Relay enhances security by validating and relaying Cobalt Strike beacon traffic through Azure Functions.
AzureC2Relay enhances security by validating and relaying Cobalt Strike beacon traffic through Azure Functions.
GHH is a honeypot tool to defend against search engine hackers using Google as a hacking tool.
GHH is a honeypot tool to defend against search engine hackers using Google as a hacking tool.
Full-featured C2 framework for stealthy communication and control on web servers.
Full-featured C2 framework for stealthy communication and control on web servers.
CrossC2 enables generation of cross-platform payloads for CobaltStrike, enhancing operational flexibility.
CrossC2 enables generation of cross-platform payloads for CobaltStrike, enhancing operational flexibility.
Learn how to create new Malleable C2 profiles for Cobalt Strike to avoid detection and signatured toolset
Learn how to create new Malleable C2 profiles for Cobalt Strike to avoid detection and signatured toolset
A proxy aware C2 framework for penetration testing, red teaming, post-exploitation, and lateral movement with modular format and highly configurable payloads.
A proxy aware C2 framework for penetration testing, red teaming, post-exploitation, and lateral movement with modular format and highly configurable payloads.