Malleable-C2-Profiles
Indicator profiles
A collection of pre-defined profiles for redefining indicators in a C2 communication framework.
Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.
1k stars
52 watching
425 forks
last commit: over 3 years ago Related projects:
Repository | Description | Stars |
---|---|---|
xx0hcd/malleable-c2-profiles | A collection of pre-defined threat actor profiles used in Cobalt Strike | 774 |
bc-security/malleable-c2-profiles | A collection of C2 profiles used in post-exploitation frameworks | 342 |
threatexpress/malleable-c2 | A comprehensive guide and reference project for designing Cobalt Strike Malleable C2 profiles | 1,630 |
mhaskar/malleablec2-profiles | A collection of Cobalt Strike Malleable C2 profiles mimicking malicious Windows update processes | 34 |
redsiege/c2concealer | A command line tool that generates randomized C2 malleable profiles for use in threat simulation and red teaming exercises. | 1,024 |
byt3bl33d3r/pymalleablec2 | A Python library for parsing, modifying, and validating Malleable C2 profiles using an Abstract Syntax Tree (AST) approach. | 269 |
codextf2/burp2malleable | Converts HTTP requests from Burp Suite into a format compatible with Cobalt Strike Malleable C2 profiles. | 371 |
bluscreenofjeff/malleable-c2-randomizer | A script to generate randomized versions of Malleable C2 profiles | 433 |
crossc2/autorebind | Automatically converts Malleable C2 profile into communication library source code | 19 |
wkl-sec/malleable-cs-profiles | A collection of tools to generate and modify shellcode profiles to evade detection in Cobalt Strike | 384 |
drb-ra/c2intelfeeds | Automatically generated C2 feed data from Censys search results | 540 |
rsmudge/elevatekit | A PowerShell module for demonstrating third-party privilege escalation attacks with Cobalt Strike's Beacon payload | 895 |
open-compass/mmbench | A collection of benchmarks to evaluate the multi-modal understanding capability of large vision language models. | 168 |
rsmudge/cve-2020-0796-bof | Exploits a vulnerability in SMBv3 compression to achieve privilege escalation and process manipulation. | 68 |
huskyhacks/cobaltnotion | A research project that creates a Cobalt Strike-compatible Notion profile to mimic the app's behavior and facilitate collaboration | 53 |