C3
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
https://github.com/FSecureLABS/C3
#c2 #cobaltstrike #redteam
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
https://github.com/FSecureLABS/C3
#c2 #cobaltstrike #redteam
GitHub
GitHub - ReversecLabs/C3: Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still…
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits. - ReversecLabs/C3
Taking the pain out of C2 Infrastructure
# https://byt3bl33d3r.substack.com/p/taking-the-pain-out-of-c2-infrastructure
# https://byt3bl33d3r.substack.com/p/taking-the-pain-out-of-c2-infrastructure-3c4
#c2 #redteam #infrastructure
# https://byt3bl33d3r.substack.com/p/taking-the-pain-out-of-c2-infrastructure
# https://byt3bl33d3r.substack.com/p/taking-the-pain-out-of-c2-infrastructure-3c4
#c2 #redteam #infrastructure
Substack
Taking the pain out of C2 Infrastructure (Part 1)
Caddy is good. Caddy is life.
DNS-Black-Cat
Multi-platform toolkit for an interactive C2C DNS shell, by using DNS-Black-Cat, you will be able to execute system commands in shell mode over a fully encrypted covert channel.
https://github.com/lawrenceamer/dns-black-cat
#c2 #dns #redteam
Multi-platform toolkit for an interactive C2C DNS shell, by using DNS-Black-Cat, you will be able to execute system commands in shell mode over a fully encrypted covert channel.
https://github.com/lawrenceamer/dns-black-cat
#c2 #dns #redteam
GitHub
GitHub - zux0x3a/dns-black-cat: Multi platform toolkit for an interactive DNS shell commands exfiltration, by using DNS-Cat you…
Multi platform toolkit for an interactive DNS shell commands exfiltration, by using DNS-Cat you will be able to execute system commands in shell mode over DNS protocol - GitHub - zux0x3a/dns-black...
GoWard
GoWard proxies HTTP C2 traffic to specified Red Team servers based on the HTTP header of the traffic.
https://github.com/chdav/GoWard
#c2 #proxy #redteam
GoWard proxies HTTP C2 traffic to specified Red Team servers based on the HTTP header of the traffic.
https://github.com/chdav/GoWard
#c2 #proxy #redteam
GitHub
GitHub - tid4l/GoWard: A robust Red Team proxy written in Go.
A robust Red Team proxy written in Go. Contribute to tid4l/GoWard development by creating an account on GitHub.
Red Teaming Toolkit
A collection of open source and commercial tools that aid in red team operations. This post will help you during red team engagement.
Contents
— Reconnaissance
— Weaponization
— Delivery
— Command and Control
— Lateral Movement
— Establish Foothold
— Escalate Privileges
— Data Exfiltration
— Misc
— References
https://renatoborbolla.medium.com/red-teaming-adversary-simulation-toolkit-da89b20cb5ea
#redteam #toolkit #powershell #c2
A collection of open source and commercial tools that aid in red team operations. This post will help you during red team engagement.
Contents
— Reconnaissance
— Weaponization
— Delivery
— Command and Control
— Lateral Movement
— Establish Foothold
— Escalate Privileges
— Data Exfiltration
— Misc
— References
https://renatoborbolla.medium.com/red-teaming-adversary-simulation-toolkit-da89b20cb5ea
#redteam #toolkit #powershell #c2
🦠 Hiding C2 Traffic Using Tyk.io
A small article on the topic of hiding your malicious C2 traffic through of the TYK cloud API management service domains.
Tyk API gateway will let you manage your API ingress and routing them to different endpoints, some of them could be internally but some of them could be publicly exposed, and you can add some controls for authentication purposes while calling one of your APIs.
🔗 https://shells.systems/oh-my-api-abusing-tyk-cloud-api-management-service-to-hide-your-malicious-c2-traffic/
#c2 #rederectors #trafic #redteam
A small article on the topic of hiding your malicious C2 traffic through of the TYK cloud API management service domains.
Tyk API gateway will let you manage your API ingress and routing them to different endpoints, some of them could be internally but some of them could be publicly exposed, and you can add some controls for authentication purposes while calling one of your APIs.
🔗 https://shells.systems/oh-my-api-abusing-tyk-cloud-api-management-service-to-hide-your-malicious-c2-traffic/
#c2 #rederectors #trafic #redteam
👍5🔥2
😡 Brute-Ratel-C4-Community-Kit
This repository contains scripts, configurations and deprecated payload loaders for Brute Ratel C4. Anything which is added in the deprecated folder will not be a part of the latest release of BRc4.
https://github.com/paranoidninja/Brute-Ratel-C4-Community-Kit
#c2 #bof #shellcode #injection
This repository contains scripts, configurations and deprecated payload loaders for Brute Ratel C4. Anything which is added in the deprecated folder will not be a part of the latest release of BRc4.
https://github.com/paranoidninja/Brute-Ratel-C4-Community-Kit
#c2 #bof #shellcode #injection
GitHub
GitHub - paranoidninja/Brute-Ratel-C4-Community-Kit: This repository contains scripts, configurations and deprecated payload loaders…
This repository contains scripts, configurations and deprecated payload loaders for Brute Ratel C4 (https://bruteratel.com/) - paranoidninja/Brute-Ratel-C4-Community-Kit
⚔️ Maelstrom: C2 Development Blog Series
We wanted to explore how C2s function in 2022, what evasive behavior's are required, and what a minimum viable C2 looks like in a world of sophisticated endpoint protection.
Which gave us our goals for this blog series:
- Document the internals of a minimum viable C2:
* What are the ideas behind popular C2 implementations?
* What are their goals and objectives?
- Analyse and implement evasive behaviors:
* What is required to run on a contemporary Windows system?
* What is required to bypass up-to-date, modern endpoint protection?
- Produce a proof-of-concept C2:
* What is the minimum viable C2 for an operator in 2022?
* What is required to detect this minimum viable C2?
🔗 Maelstrom: An Introduction
🔗 Maelstrom: The C2 Architecture
🔗 Maelstrom: Building the Team Server
🔗 Maelstrom: Writing a C2 Implant
🔗 Maelstrom: EDR Kernel Callbacks, Hooks, and Call Stacks
#maldev #c2
We wanted to explore how C2s function in 2022, what evasive behavior's are required, and what a minimum viable C2 looks like in a world of sophisticated endpoint protection.
Which gave us our goals for this blog series:
- Document the internals of a minimum viable C2:
* What are the ideas behind popular C2 implementations?
* What are their goals and objectives?
- Analyse and implement evasive behaviors:
* What is required to run on a contemporary Windows system?
* What is required to bypass up-to-date, modern endpoint protection?
- Produce a proof-of-concept C2:
* What is the minimum viable C2 for an operator in 2022?
* What is required to detect this minimum viable C2?
🔗 Maelstrom: An Introduction
🔗 Maelstrom: The C2 Architecture
🔗 Maelstrom: Building the Team Server
🔗 Maelstrom: Writing a C2 Implant
🔗 Maelstrom: EDR Kernel Callbacks, Hooks, and Call Stacks
#maldev #c2
👍8