https://github.com/ZeroMemoryEx/C2-Hunter

Extract C2 Traffic

# C2-Hunter

* C2-Hunter is a program designed for malware analysts to extract Command and Control (C2) traffic from malware in real time. The program uses a unique approach by hooking into Win32 connection APIs.

* With C2-Hunter, malware analysts can now intercept and analyze communication in real time, gaining valuable insights into the inner workings of cyber threats. Its ability to track C2 elements of malware makes it an essential tool for any cyber security team.

# Features
* Real-time extraction of C2 traffic
* Bypasses malware time delays to speed up the extraction process (SOON)

# Real-world malware usage

* Used to extract multiple C2s from malware:
  - https://www.virustotal.com/gui/domain/stlaip578223.ddnsgeek.com
  - https://www.virustotal.com/gui/domain/stalhy74170.ddns.net
  - https://www.virustotal.com/gui/domain/stlaip74566.ddnsgeek.com

![image](https://github.com/user-attachments/assets/20cae99c-1986-487c-a044-b335e4ff64be)

* From a Hack The Box challenge :)
![image](https://github.com/user-attachments/assets/ecd39b37-ece5-40ad-9ade-917b92c89eeb)

# DEMO

https://user-images.githubusercontent.com/60795188/212409788-902629a3-b5c5-4038-80c8-053947d8d7c3.mp4