A library for integrating communication channels with the Cobalt Strike External C2 server. This library provides an implementation of the Cobalt Strike External C2 spec, including a basic web channel and a websocket channel. The codebase is designed to allow additional channels to be added easily. Features Implemented: C2 Channels - Direct Socket Connection, Web API Channel (Dotnet Core), WebSockets Channel (Dotnet Core). The code is heavily commented, and it is recommended to read the comments first. Getting started: The solution should be built with Visual Studio 2017. More info will be added soon. Developing, Building, Deploying, Contributing sections are to be updated. License: ExternalC2 is open-sourced software licensed under the MIT license.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A next-generation intrusion prevention system that combines signature-based and behavioral detection techniques to identify and block sophisticated network threats across hybrid environments.
Automated signature creation using honeypots for network intrusion detection systems.
A free, open-source network protocol analyzer for capturing and displaying packet-level data.
A tool for classifying packets into flows based on 4-tuple without additional processing.
A command-line tool for managing and analyzing Microsoft Forefront TMG and UAG configurations.
Arkime is an open-source network capture and analysis tool that provides comprehensive network visibility, facilitating swift identification and resolution of security and network issues.
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.