• Home
  • 0x1 | Cyber Security Consulting

Exploitation Tools - page 2

Faction C2 Framework
06Oct

Faction C2 Framework

By 0x1 Command-and-control, C2, .net, Dns, Comments

Faction is a C2 framework for security professionals, providing an easy way to extend and interact with agents. It focuses on providing an easy, stable, and approachable platform for C2 communications through well documented REST and Socket.IO APIs.

Instead of one large monolithic application, Faction is designed loosely around a micro services architecture. Functionality is split into separate services that communicate through message queues. This approach provides several advantages, most important of which is allowing users to quickly be able to learn how the system operates.

Sliver
05Oct

Sliver

By 0x1 Command-and-control, C2, Golang, Dns, Comments

⚠️ Warning: Sliver is currently in alpha, you’ve been warned :) and please consider contributing

Sliver is a general purpose cross-platform implant framework that supports C2 over Mutual-TLS, HTTP(S), and DNS. Implants are dynamically compiled with unique X.509 certificates signed by a per-instance certificate authority generated when you first run the binary.

The server, client, and implant all support MacOS, Windows, and Linux (and possibly every Golang compiler target but we’ve not tested them all).

FudgeC2
17Sep

FudgeC2

By 0x1 Python3, Powershell, Command-and-control, C2, Comments

A collaborative C2 framework for purple-teaming written in Python3, Powershell and .NET

FudgeC2 is a campaign orientated Powershell C2 framework built on Python3/Flask - Designed for team collaboration, client interaction, campaign timelining, and usage visibility.

Note: FudgeC2 is currently in alpha stage, and should be used with caution in non-test environments. Beta will be released later this year, at BlackHat Arsenal.

C3 Custom Command and Control
05Sep

C3 Custom Command and Control

By 0x1 Command-and-control, C2, Externalc2, Cobalt strike, Comments

C3 (Custom Command and Control) is a tool that allows Red Teams to rapidly develop and utilise esoteric command and control channels (C2). It’s a framework that extends other red team tooling, such as the commercial Cobalt Strike (CS) product via ExternalC2, which is supported at release. It allows the Red Team to concern themselves only with the C2 they want to implement; relying on the robustness of C3 and the CS tooling to take care of the rest. This efficiency and reliability enable Red Teams to operate safely in critical client environments (by assuring a professional level of stability and security); whilst allowing for safe experimentation and rapid deployment of customised Tactics, Techniques and Procedures (TTPs). Thus, empowering Red Teams to emulate and simulate an adaptive real-world attacker.

0x1.gitlab.io

About

Welcome to 0x1.gitlab.io my personal blog to share my knowledge
Cyber Security, Ethical Hacking, Web & Network Auditing, Reverse Engineering and Cryptography
Website semi-configured to use with No-Script. No ADS and No use analytics tracking.

Contact

Forum : @0x1

© 0x1 | Cyber Security Consulting - Copyright All Rights Reserved