external_c2 framework Logo

external_c2 framework

0
Free
Visit Website

Python framework for building and utilizing interfaces to transfer data between frameworks, with a specific focus on serving as an extension to Command and Control frameworks. Currently, this is only intended as an implementation of Cobalt Strike's External C2 specification as described in this spec document, but is subject to change as the project matures. Credits Massive credit goes to xychix. This project would not have been possible at all without their valuable contributions. Basically this project is a rebuild and extension of Outflank's External C2 project. Architecture This project consists of the following main parts: Builder Skeletons Frameworks Transports Encoders Manager (not yet implemented). Builder The builder reads in a config file, and uses configured options to generate a build by replacing markers within skeletons. The builder can be used with build_files.py. A sample builder configuration is provided as sample_builder_config.config.sample. Skeletons skeletons are the different 'skeletons' of code that the builder will dynamically populate to generate a completely usable build. Skeletons contain markers that will be replaced with usable values.

FEATURES

ALTERNATIVES

TikiTorch offers advanced process injection capabilities to execute code stealthily in another process's space.

A tool that exposes the functionality of the Volume Shadow Copy Service (VSS) for creation, enumeration, and manipulation of volume shadow copies, with features for persistence and evasion.

Open-source Java application for creating proxies for traffic analysis & modification.

A Python script for creating a cohesive and up-to-date penetration testing framework.

Ophcrack is a free Windows password cracker based on rainbow tables with various features for password recovery.

Redboto is a collection of scripts for red team operations against the AWS API.

Chameleon aids in evading proxy categorization to bypass internet filters.

A comprehensive malware-analysis tool that utilizes external AV scanners to identify malicious elements in binary files.