C2-Tool-Collection

Windows exploit tools

Tools for exploiting vulnerabilities in Windows systems and gathering information about networked computers.

A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.

GitHub

1k stars
19 watching
198 forks
Language: C
last commit: about 1 year ago
Linked from 1 awesome list


Backlinks from these awesome lists:

Related projects:

Repository Description Stars
outflanknl/inlinewhispers Tool to generate inline assembly code for direct system calls in COBalt Strike's Beacon Object Files (BOF) 308
pyroxenites/boftools A collection of tools and techniques for exploiting vulnerabilities in software applications. 17
outflanknl/spray-ad Automates an Active Directory password spraying attack to identify weak or guessable passwords 426
matterpreter/offensivecsharp A collection of C# tooling and POCs for operating system exploitation and vulnerability assessment. 1,383
outflanknl/findobjects-bof An exploit tool that uses direct system calls to enumerate processes based on specific loaded modules or process handles 266
outflanknl/wdtoggle A tool to enable WDigest credential caching using direct system calls in Cobalt Strike 213
espressocake/firewall_walker_bof An exploit technique allowing interaction with Windows software firewall via COM interfaces. 100
enkomio/alanframework A post-exploitation framework that enables red-team activities by providing a set of tools for infiltrating and controlling systems remotely. 464
octoberfest7/cve-2023-36874_bof An exploit tool for a Windows vulnerability allowing an attacker to run arbitrary code as SYSTEM on Windows 10 and Windows 11 202
outflanknl/invoke-adlabdeployer Automates deployment of Windows and Active Directory test lab networks. 480
outflanknl/helpcolor Lists available Cobalt Strike beacon commands and colors them based on their type 191
outflanknl/sharphide Creates hidden registry keys to persist data despite DFIR investigation 468
bluscreenofjeff/aggressorscripts A collection of Cobalt Strike scripts designed to facilitate red teaming and exploitation 800
rkervella/carbonmonoxide A toolkit for evading endpoint detection and response (EDR) by combining techniques to spoof system properties and inject malicious code. 23
wkl-sec/hiddendesktop An implementation of HVNC for Cobalt Strike, allowing operators to interact with remote desktop sessions without user knowledge. 1,169