ExternalC2
A library for integrating communication channels with the Cobalt Strike External C2 server. This library provides an implementation of the Cobalt Strike External C2 spec, including a basic web channel and a websocket channel. The codebase is designed to allow additional channels to be added easily. Features Implemented: C2 Channels - Direct Socket Connection, Web API Channel (Dotnet Core), WebSockets Channel (Dotnet Core). The code is heavily commented, and it is recommended to read the comments first. Getting started: The solution should be built with Visual Studio 2017. More info will be added soon. Developing, Building, Deploying, Contributing sections are to be updated. License: ExternalC2 is open-sourced software licensed under the MIT license.
FEATURES
ALTERNATIVES
A fast and flexible web fuzzer for identifying vulnerabilities in web applications
An open source platform for secure remote access management with granular access control and fast speeds.
A tool for classifying packets into flows based on 4-tuple without additional processing.
NFStream is a multiplatform Python framework for network flow data analysis with a focus on speed and flexibility.
A suite for man in the middle attacks, featuring sniffing of live connections, content filtering, and protocol dissection.
DenyHosts is a script to block SSH server attacks by automatically preventing attackers after failed login attempts.
Port listener / honeypot in Rust with protocol guessing, safe string display and rudimentary SQLite logging.
A method for profiling SSL/TLS Clients with easy-to-produce client fingerprints.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.