XRayC2 shows how AWS X-Ray can be abused as a covert command and control channel. Practical walkthrough, install, attack scenario, detections.
command and control
RedExt – Browser Extension-Based C2 Framework for Red Team Recon
RedExt turns Chromium into a browser-based C2 agent, collect cookies, DOM, screenshots, clipboard, system data via a Flask server and Chrome extension.
ChromeAlone – Chromium Browser C2 Implant for Red Team Operations
ChromeAlone turns Chromium into a stealthy C2 implant with credential capture, file access, and persistence. A browser-based alternative to Cobalt Strike.
BrainDamage – Payload Generator and Encrypted Shell Stager for Red Teams
Generate and stage encrypted payloads with BrainDamage, a flexible toolkit for red teamers focused on stealth, staging, and remote command delivery.
OnionC2 – Tor Powered Rust Command and Control Framework
OnionC2 is a Tor-powered C2 framework with a Rust agent and Go server, designed for secure, anonymized red team operations with Windows persistence and stealth.