Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/c2lang/c2compiler
the c2 programming language
c c2 compiler programming-language
Last synced: 20 Jun 2024
![](https://github.com/c2lang.png)
https://github.com/gl4ssesbo1/Nebula
Nebula is a cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still working to allow testing other Cloud Providers and DevOps Components.
aws c2 cloud enumeration nebula pentesting reconnaissance
Last synced: 18 Jun 2024
![](https://github.com/gl4ssesbo1.png)
https://github.com/Bert-JanP/Open-Source-Threat-Intel-Feeds
This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.
c2 ioc iocfeed malware misp phishing threat-hunting threat-intelligence
Last synced: 11 Jun 2024
![](https://github.com/Bert-JanP.png)
https://github.com/DeimosC2/DeimosC2
DeimosC2 is a Golang command and control framework for post-exploitation.
c2 doh golang hacktoberfest https infosec quic red-team security-tools
Last synced: 09 Jun 2024
![](https://github.com/DeimosC2.png)
https://github.com/itaymigdal/Nimbo-C2
Nimbo-C2 is yet another (simple and lightweight) C2 framework
c2 c2-framework command-and-control payload-generator penetration-testing-tools pentesting-tools rat red-team red-team-tools
Last synced: 08 Jun 2024
![](https://github.com/itaymigdal.png)
https://github.com/INotGreen/XiebroC2
一款支持多人协作的渗透测试图形化框架、支持lua插件扩展、域前置/CDN上线、自定义多个模块、自定义shellcode、文件管理、进程管理、内存加载、反向代理等功能
Last synced: 08 Jun 2024
![](https://github.com/INotGreen.png)
https://github.com/nxenon/c2x
C2X - C2/Post-Exploitation Tool on (Raw Socket Traffic)
c2 commandandcontrol python python3 security-tools
Last synced: 05 Jun 2024
![](https://github.com/nxenon.png)
https://github.com/Tw1sm/HTTPS-MalleableC2-Config
Create Cobalt Strike malleable C2 profiles with HTTPS configs
Last synced: 05 Jun 2024
![](https://github.com/Tw1sm.png)
https://github.com/xRET2pwn/PickleC2
PickleC2 is a post-exploitation and lateral movements framework
c2 command-and-control picklec2
Last synced: 05 Jun 2024
![](https://github.com/xRET2pwn.png)
https://github.com/wsummerhill/C2_RedTeam_CheatSheets
Useful C2 techniques and cheatsheets learned from engagements
Last synced: 05 Jun 2024
![](https://github.com/wsummerhill.png)
https://github.com/skerkour/black-hat-rust
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
audit beacon bug-bounty bug-hunting c2 hacking infosec offensive-security pentest pentesting phishing red-team rust scanner security security-tools shellcodes trojan virus wasm
Last synced: 02 Jun 2024
![](https://github.com/skerkour.png)
https://github.com/t3l3machus/Villain
Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
c2 cybersecurity hacking hacking-tool offensive-security open-source penetration-testing penetration-testing-tools pentest pentesting readteaming redteam redteam-tools
Last synced: 02 Jun 2024
![](https://github.com/t3l3machus.png)
https://github.com/BC-SECURITY/Starkiller
Starkiller is a Frontend for PowerShell Empire.
c2 empire hacktoberfest redteam-infrastructure
Last synced: 30 May 2024
![](https://github.com/BC-SECURITY.png)
https://github.com/h0rv4th/c2matrix-analyzer
Basic c2-matrix analysis enviroment using Suricata + Wazuh + Elastic stack
adversarial-attacks c2 command-and-control nids
Last synced: 30 May 2024
![](https://github.com/h0rv4th.png)
https://github.com/cyberark/kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
agent c2 command-and-control containers golang http2 kubernetes penetration-testing-framework penetration-testing-tools post-exploitation red-teams redteam-tools security security-tools
Last synced: 27 May 2024
![](https://github.com/cyberark.png)
https://github.com/sensepost/goDoH
🕳 godoh - A DNS-over-HTTPS C2
c2 command-and-control dns dns-over-https doh golang
Last synced: 27 May 2024
![](https://github.com/sensepost.png)
https://github.com/lukebob-zz/c2-pwn
Uses Shodan API to pull down C2 servers to run known exploits on them.
c2 exploit python rat shodan-api
Last synced: 17 May 2024
![](https://github.com/LukeBob-zz.png)
https://github.com/killswitch-gui/flask_pythonanywhere_redirector
flask pythonanywhere C2 redirector template
Last synced: 17 May 2024
![](https://github.com/killswitch-GUI.png)
https://github.com/degenerat3/meteor
A cross-platform C2/teamserver supporting multiple transport protocols, written in Go.
c2 command-and-control docker docker-compose entgo entity-framework golang land-before-time offensive-security postgresql redteam
Last synced: 17 May 2024
![](https://github.com/degenerat3.png)
https://github.com/killswitch-gui/flask_heroku_redirector
flask heroku C2 redirector template
Last synced: 17 May 2024
![](https://github.com/killswitch-GUI.png)
https://github.com/m8sec/transportc2
PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.
c2 command-and-control pentest-tool pentesting python3 redteam
Last synced: 17 May 2024
![](https://github.com/m8sec.png)
https://github.com/professionallyevil/c4
Cyberdelia, a Collection of Command and Control frameworks
awesome-lists c2 c2-comparisons c2-reviews
Last synced: 17 May 2024
![](https://github.com/ProfessionallyEvil.png)
https://github.com/project-prismatica/prismatica
Responsive Command and Control System
c2 cybersecurity exploitation exploitation-framework infosec pentesting
Last synced: 17 May 2024
![](https://github.com/Project-Prismatica.png)
https://github.com/shadow-workers/shadow-workers
Shadow Workers is a free and open source C2 and proxy designed for penetration testers to help in the exploitation of XSS and malicious Service Workers (SW)
c2 penetration-testing-tools proxy service-worker xss-exploitation
Last synced: 17 May 2024
![](https://github.com/shadow-workers.png)
https://github.com/ziconius/fudgec2
FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
c2 command-and-control cybersecurity implant offensive-security post-exploitation powershell purpleteam python3 readteaming redteam security security-tools
Last synced: 17 May 2024
![](https://github.com/Ziconius.png)
https://github.com/not-sekiun/PyIris
PyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.
c2 c2-framework command-and-control penetration-testing post-exploitation python3 red-teaming remote-access-trojan
Last synced: 17 May 2024
![](https://github.com/not-sekiun.png)
https://github.com/killswitch-gui/flask_appengine_redirector
Google App Engine Flask C2 redirector
Last synced: 17 May 2024
![](https://github.com/killswitch-GUI.png)
![](https://github.com/password-reset.png)
![](https://github.com/j3ssie.png)
https://github.com/alphaSeclab/awesome-rat
RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.
c2 command-and-control command-control malware-analysis rat rat-analysis rat-malware remote-access-tool remote-administration-tool
Last synced: 17 May 2024
![](https://github.com/alphaSeclab.png)
https://github.com/Coalfire-Research/Slackor
A Golang implant that uses Slack as a command and control server
c2 command-and-control golang penetration-testing penetration-testing-tools pentest python red-team remote-admin-tool
Last synced: 15 May 2024
![](https://github.com/Coalfire-Research.png)
https://github.com/BishopFox/sliver
Adversary Emulation Framework
adversarial-attacks adversary-simulation c2 command-and-control dns dns-server golang gplv3 http implant red-team red-team-engagement red-teaming security-tools sliver
Last synced: 13 May 2024
![](https://github.com/BishopFox.png)
https://github.com/looCiprian/GC2-sheet
GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrate data using Google Drive.
c2 command-and-control golang google google-drive google-sheet malware
Last synced: 12 May 2024
![](https://github.com/looCiprian.png)
https://github.com/sneakerhax/C2PE
C2 and Post Exploitation Code
c2 golang offensivesecurity pentesting post-exploitation python3 redteam security
Last synced: 01 May 2024
![](https://github.com/sneakerhax.png)
https://github.com/mhaskar/Octopus
Open source pre-operation C2 server based on python and powershell
c2 pentesting powershell python redteam security
Last synced: 27 Apr 2024
![](https://github.com/mhaskar.png)
https://github.com/S1ckB0y1337/Cobalt-Strike-CheatSheet
Some notes and examples for cobalt strike's functionality
c2 cheatsheet cobalt cobalt-strike redteam redteaming
Last synced: 27 Apr 2024
![](https://github.com/S1ckB0y1337.png)
https://github.com/leonjza/tc2
treafik fronted c2 examples
c2 cobaltstrike covenant redteam security traefik
Last synced: 27 Apr 2024
![](https://github.com/leonjza.png)
https://github.com/audibleblink/gorsh
A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
c2 golang infosec redteam reverse-shell reverseshell security security-tools
Last synced: 24 Apr 2024
![](https://github.com/audibleblink.png)
https://github.com/alphaSeclab/awesome-cyber-security
[Draft]Awesome Cyber Security Resource Collection. Currently contains 8000+ open source repositories, and not very well classified. For each repository, extra info included: star count, commit count, last update time. This is the DRAFT version.
anti-virus burp c2 cobalt-strike data-exfiltration iot-security kali metasploit osint owasp password payload pentest post-exploitation privilege-escalation recon social-engineering-attacks threat-hunt vulnerability wifi-hacking
Last synced: 22 Apr 2024
![](https://github.com/alphaSeclab.png)
https://github.com/Ne0nd0g/merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
agent c2 command-and-control golang http2 post-exploitation
Last synced: 19 Apr 2024
![](https://github.com/Ne0nd0g.png)
https://github.com/spellshift/realm
Realm is a cross platform Red Team engagement platform with a focus on automation and reliability.
agent bot c2 cyber cybersecurity golang graphql implant react redteam redteam-tools redteaming rust teamserver typescript webui
Last synced: 16 Apr 2024
![](https://github.com/spellshift.png)
https://github.com/tokyoneon/credphish
CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.
amsi antivirus-evasion backdoor bypass-antivirus c2 dns dns-server exfiltration information-security kali kali-linux kali-scripts offensive-security penetration-testing reverse-shell shell social-engineering
Last synced: 13 Apr 2024
![](https://github.com/tokyoneon.png)
https://github.com/BC-SECURITY/Empire
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
c2 empire hacktoberfest redteam-infrastructure
Last synced: 13 Apr 2024
![](https://github.com/BC-SECURITY.png)
https://github.com/nettitude/PoshC2
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
c2 csharp nettitude payloads poshc2 poshc2-installation powershell proxy-aware python3 redteam
Last synced: 10 Apr 2024
![](https://github.com/nettitude.png)
https://github.com/postrequest/link
link is a command and control framework written in rust
c2 command-and-control implant payload penetration-testing pentesting red-team rust
Last synced: 10 Apr 2024
![](https://github.com/postrequest.png)
https://github.com/cobbr/Covenant
Covenant is a collaborative .NET C2 framework for red teamers.
c2 covenant dotnet dotnet-core red-team
Last synced: 10 Apr 2024
![](https://github.com/cobbr.png)
https://github.com/enkomio/AlanFramework
A C2 post-exploitation framework
c2 hacking hacking-tool post-exploitation red-team red-teaming security security-tool
Last synced: 10 Apr 2024
![](https://github.com/enkomio.png)
https://github.com/nil0x42/phpsploit
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
advanced-persistent-threat backdoor blackhat c2 command-and-control hacking hacking-framework hacktool persistence php-backdoor php-webshell php-webshell-backdoor post-exploitation privilege-escalation redteam stealth web-hacking webshell
Last synced: 28 Mar 2024
![](https://github.com/nil0x42.png)
https://github.com/b23r0/Heroinn
A cross platform C2/post-exploitation framework.
c2 pentest-tool post-exploitation rat remote-control trojan-rat
Last synced: 17 Mar 2024
![](https://github.com/b23r0.png)
![](https://github.com/YDHCUI.png)
https://github.com/ac0d3r/pingser
Use pingser to create client and server based on ICMP Protocol to send and receive custom message content.
Last synced: 16 Mar 2024
![](https://github.com/ac0d3r.png)