[1147星][6d] [C#] cobbr/covenant Covenant is a collaborative .NET C2 framework for red teamers.
[95星][9d] [C#] cobbr/elite Elite is the client-side component of the Covenant project. Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.
[31星][4m] [C#] cobbr/c2bridge C2Bridges allow developers to create new custom communication protocols and quickly utilize them within Covenant.
[132星][2m] [Py] andrewaeva/dga The repository that contains the algorithms for generating domain names, dictionaries of malicious domain names. Developed to research the possibility of applying machine learning and neural networks to detect and classify malicious domains.
[117星][6m] [Py] 360netlab/dga Suspicious DGA from PDNS and Sandbox.
[277星][1y] [Py] trycatchhcf/packetwhisper Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
[276星][4m] [Go] sensepost/godoh A DNS-over-HTTPS Command & Control Proof of Concept
[462星][2y] rsmudge/malleable-c2-profiles Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.
[186星][2y] [Py] woj-ciech/daily-dose-of-malware Script lets you gather malicious software and c&c servers from open source platforms like Malshare, Malcode, Google, Cymon - vxvault, cybercrime tracker and c2 for Pony.
[155星][7d] [Py] chrispetrou/hrshell HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
[136星][2y] [Py] pjlantz/hale Botnet command & control monitor
[10星][12m] [Dockerfile] d3vzer0/cnc-relay Docker projects to retain beacon source IPs using C2 relaying infra
[10星][9m] [Py] m8r0wn/transportc2 PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.
[10星][3y] [Py] r3mrum/loki-parse A python script that can detect and parse loki-bot (malware) related network traffic. This script can be helpful to DFIR analysts and security researchers who want to know what data is being exfiltrated to the C2, bot tracking, etc...
[9星][4m] [Py] degenerat3/meteor Cross-platform C2 with modules for TCP, web, and more soon to come
[8星][2m] [Py] jacobsoo/malconfig This is part of a module for the framework that i'm constantly developing. Currently only information of the C2 are disclosed here.
[7星][3y] [PS] 0sm0s1z/invoke-selfsignedwebrequest This repo exists as a quick and dirty arsenal of methods and scripts to subvert .NET SSL/TLS certificate validation in PowerShell and press on with the hack!
[764星][7d] [C] rdesktop/rdesktop rdesktop is an open source UNIX client for connecting to Windows Remote Desktop Services, capably of natively speaking Remote Desktop Protocol (RDP) in order to present the user's Windows desktop. rdesktop is known to work with Windows server version ranging from NT 4 terminal server to Windows 2012 R2.
[46星][20d] [Shell] infosecn1nja/ycsm This is a quick script installation for resilient redirector using nginx reverse proxy and letsencrypt compatible with some popular Post-Ex Tools (Cobalt Strike, Empire, Metasploit, PoshC2).
[46星][18d] [Java] m301/rdroid [Android RAT] Remotely manage your android phone using PHP Interface
[610星][1y] [PS] fortynorthsecurity/wmimplant This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/remote machine. WMImplant is WMI based.
[518星][8m] [Visual Basic .NET] nyan-x-cat/lime-rat LimeRAT | Simple, yet powerful remote administration tool for Windows (RAT)
[493星][6m] [Py] viralmaniar/powershell-rat Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
[7星][5m] [C] ctsecurity/stealth-kid-rat Stealth Kid RAT (SKR) is an open source Linux remote administration tool written in C. Licensed under MIT. The SKR project is fully developed and tested on Debian GNU-Linux (Deb 9.3 "Stretch") platform. The RAT will soon be available on Windows platform by mid 2018.
[430星][9d] [ObjC] sap/macos-enterprise-privileges For Mac users in an Enterprise environment this app ensures secure environment and yet gives the User control over administration of their machine by elevating their level of access to Administrator privilege on macOS X. Users can set the time frame using Preferences to perform specific tasks such as install or remove an application.