external_c2 framework
Python framework for building and utilizing interfaces to transfer data between frameworks, with a specific focus on serving as an extension to Command and Control frameworks. Currently, this is only intended as an implementation of Cobalt Strike's External C2 specification as described in this spec document, but is subject to change as the project matures. Credits Massive credit goes to xychix. This project would not have been possible at all without their valuable contributions. Basically this project is a rebuild and extension of Outflank's External C2 project. Architecture This project consists of the following main parts: Builder Skeletons Frameworks Transports Encoders Manager (not yet implemented). Builder The builder reads in a config file, and uses configured options to generate a build by replacing markers within skeletons. The builder can be used with build_files.py. A sample builder configuration is provided as sample_builder_config.config.sample. Skeletons skeletons are the different 'skeletons' of code that the builder will dynamically populate to generate a completely usable build. Skeletons contain markers that will be replaced with usable values.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Parrot Security OS is a comprehensive, secure, and customizable operating system for cybersecurity professionals, offering over 600+ tools and utilities for red and blue team operations.
A web application security testing platform that combines manual and automated testing tools for conducting comprehensive security assessments and penetration testing.
Back-end component for red team operations with crucial design considerations.
A tool for security researchers and penetration testers to automate the process of finding sensitive information on a target domain.
Full-featured C2 framework for stealthy communication and control on web servers.
A project for demonstrating AWS attack techniques with a focus on ethical hacking practices.
A credit card/magstripe spoofer that can emulate any magnetic stripe or credit card wirelessly.
Comprehensive tutorial on modern exploitation techniques with a focus on understanding exploitation from scratch.
An open-source penetration testing framework for social engineering with custom attack vectors.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.