Malleable-C2-Profiles
Indicator profiles
A collection of pre-defined profiles for redefining indicators in a C2 communication framework.
Malleable C2 is a domain-specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.
1k stars, 52 watching, 425 forks; last commit: over 3 years ago

Related projects:

Repository | Description | Stars |
---|---|---|
xx0hcd/malleable-c2-profiles | A collection of pre-defined threat actor profiles used in Cobalt Strike | 765 |
bc-security/malleable-c2-profiles | A collection of C2 profiles used in post-exploitation frameworks | 341 |
threatexpress/malleable-c2 | A comprehensive guide and reference project for designing Cobalt Strike Malleable C2 profiles | 1,619 |
mhaskar/malleablec2-profiles | A collection of Cobalt Strike Malleable C2 profiles mimicking malicious Windows update processes | 34 |
redsiege/c2concealer | A command line tool that generates randomized C2 malleable profiles for use in threat simulation and red teaming exercises. | 1,013 |
byt3bl33d3r/pymalleablec2 | A Python library for parsing, modifying, and validating Malleable C2 profiles using an Abstract Syntax Tree (AST) approach. | 267 |
codextf2/burp2malleable | Converts HTTP requests from Burp Suite into a format compatible with Cobalt Strike Malleable C2 profiles. | 368 |
bluscreenofjeff/malleable-c2-randomizer | A script to generate randomized versions of Malleable C2 profiles | 433 |
crossc2/autorebind | Automatically converts Malleable C2 profile into communication library source code | 19 |
wkl-sec/malleable-cs-profiles | A collection of tools to generate and modify shellcode profiles to evade detection in Cobalt Strike | 374 |
drb-ra/c2intelfeeds | Automatically generated C2 feed data from Censys search results | 531 |
rsmudge/elevatekit | A PowerShell module for demonstrating third-party privilege escalation attacks with Cobalt Strike's Beacon payload | 891 |
open-compass/mmbench | A collection of benchmarks to evaluate the multi-modal understanding capability of large vision language models. | 163 |
rsmudge/cve-2020-0796-bof | Exploits a vulnerability in SMBv3 compression to achieve privilege escalation and process manipulation. | 68 |
huskyhacks/cobaltnotion | A research project that creates a Cobalt Strike-compatible Notion profile to mimic the app's behavior and facilitate collaboration | 52 |