Source Byte
It takes a sober person to abstain from love,
and this nature that I have does not mix with reason.
Saadi Shirazi 187
GitBook
Building C2 Implants in C++: A Primer: Introduction

https://shogunlab.gitbook.io

#c2
@islemolecule_source
PingRAT: secretly passes C2 traffic through firewalls using ICMP payloads

https://github.com/umutcamliyurt/PingRAT

#c2, #tool, #go
———
@islemolecule_source
PSRansom: a PowerShell Ransomware Simulator with C2 Server capabilities.

https://github.com/JoelGMSec/PSRansom

#c2, #powershell, #simulat, #tool
———
@islemolecule_source
Detecting and decrypting Sliver C2 – a threat hunter’s guide

https://immersivelabs.com/blog/detecting-and-decrypting-sliver-c2-a-threat-hunters-guide/

#c2
———
@islemolecule_source
Flying Under the Radar: Abusing GitHub for Malicious Infrastructure

https://www.recordedfuture.com/flying-under-the-radar-abusing-github-malicious-infrastructure

#c2
———
@islemolecule_source
An aggressor script that can help automate payload building in Cobalt Strike

https://github.com/Workingdaturah/Payload-Generator

#c2, #Cobalt_Strike
———
@islemolecule_source
A repo to help researchers track Telegram-based C2 comms used by malware authors
Credit: @Kostastsale

Check it out: https://github.com/tsale/TeleTracker

Features:
- Send messages to the channel
- Delete all messages from the channel
- Collect info from bot channels and the usernames behind them
- Monitor for new messages to the channel by other bots or users
- Spam the channel with a specific message

#c2
———
@islemolecule_source
This write-up will present a case study of using ETW (Event Tracing for Windows) to analyze an active Cobalt Strike Beacon that was still active and communicating to its C2 server.

https://github.com/DebugPrivilege/InsightEngineering/tree/main/Debugging 101/Section 8: Introduction to WPT/WPA Review - How to capture ETW trace?


#c2, #ETW
———
@islemolecule_source
c2_obf.zip
4.2 MB
Building-c2-implants-in-cpp-a-primer
Link


#c2
#malware_dev
--------
@islemolecule_source