c2-detection

Here are 15 public repositories matching this topic...

activecm / rita

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

log-analysis incident-response intrusion-detection network-monitoring threat-hunting beacons cyber-security zeek security-tools threat-intelligence c2 anomaly-detection command-and-control blue-team network-traffic-analysis c2-detection

Updated Mar 30, 2026
Go

Berry Sentinel v5.0 — Advanced behavioral C2 and reverse shell detector for Linux/Windows/Unix systems. Features real-time connection analysis, heuristic scoring, C2 framework signature detection, beacon interval analysis, and an interactive curses-based TUI with process kill engine.

Updated Mar 1, 2026
Python

rynmon / malScraper

Star

Scrapes a list of Payload Domains, IOC's & C2 IPs from from various feeds for easy blacklisting.

malware-analysis security-tools threat-intelligence security-research blue-team threat-feeds domain-blocklist malware-traffic-analysis ioc-collection c2-detection malware-tracking

Updated Jan 25, 2026
Rust

mazen91111 / C2-Profiler

Star

C2 Framework Fingerprinter: identifies Cobalt Strike, Metasploit, Sliver, Havoc, Covenant, Brute Ratel from PCAP traffic using beacon analysis, URI patterns, JA3, and HTTP headers

network-forensics threat-hunting cobalt-strike red-team pcap-analysis ja3-fingerprint c2-detection beacon-detection

Updated Mar 18, 2026
Python

rawqubit / ai-packet-analyzer

Star

AI-powered network packet analyzer: detects C2, exfiltration, and lateral movement from pcap or tcpdump output.

python cli security pcap ai network-analysis c2-detection

Updated Mar 23, 2026
Python

Tshepiso06 / VendmoTech_Network_Traffic_Analysis

Star

A Wireshark-based network traffic analysis simulating a live SOC incident at Vendmo Tech. Detects C2 beaconing, data exfiltration & port scanning across a 2.3GB PCAP. Includes 8 findings, 10 IOCs, MITRE ATT&CK v14 mapping & attack timeline. Blue Team / SOC portfolio project.

ioc network-forensics incident-response fintech cybersecurity wireshark network-security data-exfiltration packet-analysis blue-team mitre-attack threat-detection soc-analyst c2-detection

Updated Mar 17, 2026

RichardBarron27 / redspecter-c2-hunter

Sponsor

Star

Outbound network monitor to detect beaconing and command-and-control-like behavior on Linux hosts.

threat-hunting bash-script kali-linux network-security linux-security blue-team network-visibility cyber-defense c2-detection outbound-monitoring defensive-tooling sock5-monitoring secops-tools

Updated Dec 7, 2025
Shell

YoustinaGamal / redspecter-c2-hunter

Star

🛡️ Monitor outbound TCP connections on Linux with C2 Hunter, a lightweight tool that reveals active sessions and enhances your security posture.

threat-hunting kali-linux network-security linux-security blue-team network-visibility cyber-defense c2-detection outbound-monitoring defensive-tooling sock5-monitoring secops-tools

Updated Mar 31, 2026
Shell

harhsithhn-glitch / malware-traffic-analysis-c2-detection

Star

Network traffic analysis using Wireshark to identify suspicious HTTP POST-based Command-and-Control (C2) communication and extract Indicators of Compromise (IOCs).

incident-response cybersecurity wireshark malware-analysis network-security pcap-analysis c2-detection

Updated Feb 21, 2026

0xPersist / Avery

Star

Autonomous Vigilance Engine for Reconnaissance Yield

Updated Mar 20, 2026
Shell

Saravanan-Patrick / Lab-03-Malware-Traffic-Analysis

Star

network-forensics cybersecurity wireshark kali-linux packet-analysis blue-team tcp-analysis soc-analyst c2-detection udp-scan

Updated Mar 18, 2026

copyleftdev / floq

Star

Detect C2 beacons in network traffic using Floquet spectral analysis from quantum chaos theory. Fast, 274KB Zig binary. Reads pcap, live capture, or OpenTelemetry JSONL.