C2-Tool-Collection
Windows exploit tools
Tools for exploiting vulnerabilities in Windows systems and gathering information about networked computers.
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
1k stars
19 watching
198 forks
Language: C
last commit: about 1 year ago
Linked from 1 awesome list
Related projects:
Repository | Description | Stars |
---|---|---|
outflanknl/inlinewhispers | Tool to generate inline assembly code for direct system calls in COBalt Strike's Beacon Object Files (BOF) | 308 |
pyroxenites/boftools | A collection of tools and techniques for exploiting vulnerabilities in software applications. | 17 |
outflanknl/spray-ad | Automates an Active Directory password spraying attack to identify weak or guessable passwords | 426 |
matterpreter/offensivecsharp | A collection of C# tooling and POCs for operating system exploitation and vulnerability assessment. | 1,383 |
outflanknl/findobjects-bof | An exploit tool that uses direct system calls to enumerate processes based on specific loaded modules or process handles | 266 |
outflanknl/wdtoggle | A tool to enable WDigest credential caching using direct system calls in Cobalt Strike | 213 |
espressocake/firewall_walker_bof | An exploit technique allowing interaction with Windows software firewall via COM interfaces. | 100 |
enkomio/alanframework | A post-exploitation framework that enables red-team activities by providing a set of tools for infiltrating and controlling systems remotely. | 464 |
octoberfest7/cve-2023-36874_bof | An exploit tool for a Windows vulnerability allowing an attacker to run arbitrary code as SYSTEM on Windows 10 and Windows 11 | 202 |
outflanknl/invoke-adlabdeployer | Automates deployment of Windows and Active Directory test lab networks. | 480 |
outflanknl/helpcolor | Lists available Cobalt Strike beacon commands and colors them based on their type | 191 |
outflanknl/sharphide | Creates hidden registry keys to persist data despite DFIR investigation | 468 |
bluscreenofjeff/aggressorscripts | A collection of Cobalt Strike scripts designed to facilitate red teaming and exploitation | 800 |
rkervella/carbonmonoxide | A toolkit for evading endpoint detection and response (EDR) by combining techniques to spoof system properties and inject malicious code. | 23 |
wkl-sec/hiddendesktop | An implementation of HVNC for Cobalt Strike, allowing operators to interact with remote desktop sessions without user knowledge. | 1,169 |