#TheC2Matrix

Latest posts tagged with #TheC2Matrix on Bluesky

Posts tagged #TheC2Matrix

Best #OPSEC warning I have seen thus far is on Sliver: "? This action is bad OPSEC, are you an adult?" #TheC2Matrix @LittleJoeTables @rkervell @bishopfox #redteam

Covenant has been updated to 0.4. I had time to read the release and changelog but not sure if I will have time to test for #TheC2Matrix before release at #SANSHackFest. Great work as always @cobbr_io...

Come with me on a quest to compare and contrast C2 frameworks for Red Teaming and Threat-Led Penetration Testing. My next talk will be the release of #TheC2Matrix at #SANSHackFest November 18-19 in Washington DC. #redteam #infosec #purpleteam @SANSPenTest ...

The last C2 in #TheC2Matrix is commercial (Linux, macOS, and Windows) with a limited community option (linux only) from @Stage2Sec #adversaryemulation #redteam https://buff.ly/2mIKvBO

TrevorC2 has a bit of a story behind it. @HackingDave wrote it after #DerbyCon and it is a basic HTTP C2 with jitter written in Python. #TheC2Matrix #redteam #adversaryemulation https://buff.ly/2mCX5m3

Another Command and Control from @SilentBreakSec is Throwback, an HTTP beaconing implant written in Python. #TheC2Matrix #redteam #adversaryemulation https://buff.ly/2l6eqTQ

Just heard @byt3bl33d3r will be doing a webcast on SILENTTRINITY command and control framework, part of #TheC2Matrix via @BHinfoSecurity Check it out October 1!!! #redteam #infosec register.gotowebinar.com/register/876896077549985...

MacShellSwift is a proof of concept macOS post exploitation tool written in Swift using encrypted sockets written by @cedowens. It is macOS only as the name suggests but has a lot of neat features. #TheC2Matrix #adversaryemulation #redteam https://buff.ly/2naCCoI

EvilOSX is Mac only with a lot of post-exploitation modules. Not too much focus on C2 but part of the list in #TheC2Matrix #adversaryemulation #redteam
https://buff.ly/2l1rda2

Of course SILENTTRINITY is part of #TheC2Matrix. Written by @byt3bl33d3r. Multi-user, modular, and future proof. One of the industry faves #redteam #adversaryemulation https://buff.ly/2pQoIGz

Powerhub uses PowerShell to send files back and forth written by @mr_mitm Not a complete C2 but lots of potential for bypassing controls. #TheC2Matrix #adversaryemulation #redteam https://buff.ly/2W6kvwh

Sliver is a general purpose cross-platform implant framework that supports C2 over Mutual-TLS, HTTP(S), and DNS. Implants for macOS, Windows, and Linux written in Golang by @bishopfox #TheC2Matrix #adversaryemulation #redteam
https://buff.ly/2nf0rvK

redViper is a proof of concept C2 that uses Reddit for communication. Heard about this one recently as part of #TheC2Matrix Will try to include it but with lower priority. #adversaryemulation #redteam https://buff.ly/2mKpDd5

QuasarRAT is another open source C2 framework #TheC2Matrix that is Windows only. Will point out before @QW5kcmV3 does that this is used by malicious actors as well. Like most things, they may be used for bad or good. #adversaryemulation #redteam https://github.com/quasar/QuasarRAT

Slingshot, part of Red Team Toolkit, from the folks at @SilentBreakSec is an excellent C2 as well. It is not in scope of #TheC2Matrix because it is commercial but for completeness, now you know it exists. #adversaryemulation #redteam

Project Prismatica is new and, I admit, I have not tried this one yet but will as part of #TheC2Matrix from fellow SANS instructor and author @0sm0s1z and @_OpenSecurity_ It promises to be modular and multi-platform and user #adversaryemulation #redteam http://ow.ly/3xij50wpGKI

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) command and control framework written in Python by @n1nj4sec #TheC2Matrix #adversaryemulation #redteam https://github.com/n1nj4sec/pupy

I have posted about 15 different command and control (C2) frameworks using #TheC2Matrix. Only halfway through the list. Thanks again to all the developers sharing their code for #adversaryemulation and #redteam exercises. The results will be presented at...

PoshC2_Python is the current supported version of PoshC2. It is proxy aware, written in Python3 and is modular. Comes with PowerShell/C# and Python3 implants. #TheC2Matrix #adversaryemulation #redteam http://ow.ly/DrWq50wpiQP

Nuages is a modular C2 framework for more advanced operators as you have to create your own implants. It is an interesting view on defense evasion. #TheC2Matrix #adversaryemulation #redteam http://ow.ly/lJXx50wpiBy

Merlin is a cross-platform post-exploitation HTTP/2 command and control framework written by @Ne0nd0g in golang #TheC2Matrix What is HTTP/2? Your outbound controls are asking the same thing! Linux and Windows payloads. #adversaryemulation #redteam http://ow.ly/SKIM50wnC2Z

For Windows targets, check out koadic, a COM Command & Control for Windows post-exploitation. Shout out to the developers: @Aleph___Naught @The_Naterz @JennaMagius @zerosum0x0 This one is part of #TheC2Matrix #adversaryemulation #redteam
http://ow.ly/JnlD50wn5DL

INNUENDO by @Immunityinc is an advanced C2 with many #adversaryemulation features. I recommend this one for the more mature organizations. It is not in scope of #TheC2Matrix because it is commercial but wanted to share it anyway. #redteam http://ow.ly/ll4h50wn5Bd

ibombshell is a Python3 server with PowerShell 3+ agents by the team @ElevenPaths. It is also modular with a number of post-exploitation TTPs such as UACBypass, AMSI and Defender Bypass, and lateral movement through pass-the-hash.
#TheC2Matrix...

goDoH is a DNS-over-HTTPS command and control proof of concept released by @sensepost #TheC2Matrix #adversaryemulation #redteam Excellent post on their site: http://ow.ly/7dle50wmt9D

Flying A False Flag is a new framework presented at Blackhat 2019 by @monoxgas Modules include CloudRacoon for hunting orphaned DNS records; PostOffice for C2 via Exchange EWS services; and Addendum for C2 via VirusTotal. #TheC2Matrix #adversaryemulation...

Faction C2 is another entry in #TheC2Matrix It offers excellent documentation, multi-user, .NET agent, redirectors, jitter, and modular. Check it out at http://ow.ly/LUiS50wmsHq

Although the original developers of Empire are not supporting it anymore, there is a supported fork of it. The goal of #TheC2Matrix is to have factual capabilities compared to Empire as a baseline.
http://ow.ly/M9IH50wihOH

Another great Command and Control (C2) framework part of #TheC2Matrix is @cobbr_io Covenant. It has multi-user, a nice GUI, and very good documentation. #adversaryemulation http://ow.ly/8e9C50wi7xL

CALDERA, created by @MITREcorp, is part of #TheC2Matrix. Even though its focus is on automation, it does command and control. It is free, actively maintained, and maps to @MITREattack #adversaryemulation https://github.com/mitre/caldera
