Cobalt Strike HTTP C2 Redirectors with Apache mod_rewrite
Imagine you are performing a Red Team engagement and want to reduce the risk of being caught by using a redirector host to filter C2 traffic to your Cobalt Strike server and redirect all other traffic to an innocuous website. One way to achieve this is by setting up an Apache redirector as an intermediary server, allowing your C2 domain to point at it for traffic filtering. This setup provides the benefit of being able to change the redirector's IP and domain if your main server is compromised.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A proof-of-concept tool that demonstrates automated MFA bypass techniques for Microsoft Outlook through browser automation and request interception.
A modular and script-friendly multithread bruteforcer for managing task parameters in Python scripts.
A full-featured reconnaissance framework for web-based reconnaissance with a modular design.
A collection of precompiled Windows exploits for privilege escalation.
A script to enumerate Google Storage buckets and determine access and privilege escalation
Ophcrack is a free Windows password cracker based on rainbow tables with various features for password recovery.
A digital archive of the internet, allowing users to capture and browse archived web pages.
Python framework for building and utilizing interfaces to transfer data between frameworks with a focus on Command and Control frameworks.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.