Malleable-C2-Profiles

Indicator profiles

A collection of pre-defined profiles for redefining indicators in a C2 communication framework.

Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.

GitHub

1k stars
52 watching
425 forks
last commit: over 3 years ago

Related projects:

Repository Description Stars
xx0hcd/malleable-c2-profiles A collection of pre-defined threat actor profiles used in Cobalt Strike 774
bc-security/malleable-c2-profiles A collection of C2 profiles used in post-exploitation frameworks 342
threatexpress/malleable-c2 A comprehensive guide and reference project for designing Cobalt Strike Malleable C2 profiles 1,630
mhaskar/malleablec2-profiles A collection of Cobalt Strike Malleable C2 profiles mimicking malicious Windows update processes 34
redsiege/c2concealer A command line tool that generates randomized C2 malleable profiles for use in threat simulation and red teaming exercises. 1,024
byt3bl33d3r/pymalleablec2 A Python library for parsing, modifying, and validating Malleable C2 profiles using an Abstract Syntax Tree (AST) approach. 269
codextf2/burp2malleable Converts HTTP requests from Burp Suite into a format compatible with Cobalt Strike Malleable C2 profiles. 371
bluscreenofjeff/malleable-c2-randomizer A script to generate randomized versions of Malleable C2 profiles 433
crossc2/autorebind Automatically converts Malleable C2 profile into communication library source code 19
wkl-sec/malleable-cs-profiles A collection of tools to generate and modify shellcode profiles to evade detection in Cobalt Strike 384
drb-ra/c2intelfeeds Automatically generated C2 feed data from Censys search results 540
rsmudge/elevatekit A PowerShell module for demonstrating third-party privilege escalation attacks with Cobalt Strike's Beacon payload 895
open-compass/mmbench A collection of benchmarks to evaluate the multi-modal understanding capability of large vision language models. 168
rsmudge/cve-2020-0796-bof Exploits a vulnerability in SMBv3 compression to achieve privilege escalation and process manipulation. 68
huskyhacks/cobaltnotion A research project that creates a Cobalt Strike-compatible Notion profile to mimic the app's behavior and facilitate collaboration 53