18 tools and resources
C3 is a framework for creating custom C2 channels, integrating with existing offensive toolkits.
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
Malware Patrol offers a range of threat intelligence solutions, including enterprise data feeds, DNS firewall, phishing threat intelligence, and small business protection.
Python framework for building and utilizing interfaces to transfer data between frameworks with a focus on Command and Control frameworks.
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang for efficient and secure communication.
A comprehensive guide for customizing Cobalt Strike's C2 profiles to enhance stealth and operational security.
A lightweight, first-stage C2 implant written in Nim for remote access and control.
A COM Command & Control framework using JScript for stealthy and flexible command and control capabilities on Windows systems.
A modern post-exploitation command and control framework with a client-server architecture and extensibility features.
A cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments
A framework for creating and executing pynids-based decoders and detectors of APT tradecraft
A C#-based Command and Control Framework for remote access and control of compromised systems.
Covenant is a .NET C2 framework for red teamers, facilitating collaborative and efficient management of red team operations.
A tool for injecting and loading executables with a focus on stealth techniques.
A C2 front flow control tool designed to evade detection by Blue Teams, AVs, and EDRs.
Hale is a botnet command & control monitor/spy with a modular design and various monitoring capabilities, including IRC and HTTP, to aid in botnet hunting and research.
A tutorial on how to use Apache mod_rewrite to randomly serve payloads in phishing attacks
Learn how to create new Malleable C2 profiles for Cobalt Strike to avoid detection and signatured toolset
