Cobalt Strike's ExternalC2 framework Logo

Cobalt Strike's ExternalC2 framework

1
Free
Visit Website

ExternalC2 is a specification/framework introduced by Cobalt Strike, which allows hackers to extend the default HTTP(S)/DNS/SMB C2 communication channels offered. Essentially this works by allowing the user to develop a number of components: Third-Party Controller - Responsible for creating a connection to the Cobalt Strike TeamServer, and communicating with a Third-Party Client on the target host using a custom C2 channel. Third-Party Client - Responsible for communicating with the Third-Party Controller using a custom C2 channel, and relaying commands to the SMB Beacon. SMB Beacon - The standard beacon which will be executed on the victim host. Using the diagram from CS’s documentation, we can see just how this all fits together.

FEATURES

ALTERNATIVES

Fast web spider written in Go

CTF toolkit for rapid exploit development and prototyping.

A tool for security researchers and penetration testers to automate the process of finding sensitive information on a target domain.

A tool that finds more information about a given URL or domain by querying multiple data sources.

A C++ staged shellcode loader with evasion capabilities, compatible with Sliver and other shellcode sources, designed for offensive security testing.

A collection of Python scripts for password spraying attacks against Lync/S4B & OWA, featuring Atomizer, Vaporizer, Aerosol, and Spindrift tools.

Small script to simplify format string exploitation.

A Ruby framework designed to aid in the penetration testing of WordPress systems.