#

c2-detection

Here are 17 public repositories matching this topic...

activecm / rita

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

log-analysis incident-response intrusion-detection network-monitoring threat-hunting beacons cyber-security zeek security-tools threat-intelligence c2 anomaly-detection command-and-control blue-team network-traffic-analysis c2-detection

Updated Apr 2, 2026
Go

dereeqw / BerrySentinel

Berry Sentinel v5.0 — Advanced behavioral C2 and reverse shell detector for Linux/Windows/Unix systems. Features real-time connection analysis, heuristic scoring, C2 framework signature detection, beacon interval analysis, and an interactive curses-based TUI with process kill engine.

Updated Mar 1, 2026
Python

rynmon / malScraper

Scrapes a list of Payload Domains, IOC's & C2 IPs from from various feeds for easy blacklisting.

malware-analysis security-tools threat-intelligence security-research blue-team threat-feeds domain-blocklist malware-traffic-analysis ioc-collection c2-detection malware-tracking

Updated Jan 25, 2026
Rust

mazen91111 / C2-Profiler

C2 Framework Fingerprinter: identifies Cobalt Strike, Metasploit, Sliver, Havoc, Covenant, Brute Ratel from PCAP traffic using beacon analysis, URI patterns, JA3, and HTTP headers

network-forensics threat-hunting cobalt-strike red-team pcap-analysis ja3-fingerprint c2-detection beacon-detection

Updated Mar 18, 2026
Python

fevra-dev / Shrike

Python network forensics tool that detects C2 beaconing, port scans, data exfiltration, DNS tunneling, and 20+ threat patterns in PCAP files. Behavioral analysis for the encrypted traffic era. Every finding maps to MITRE ATT&CK.

python network-forensics incident-response traffic-analysis cybersecurity intrusion-detection network-security blue-team mitre-attack defensive-security threat-detection pcap-analysis c2-detection

Updated Apr 2, 2026
Python

rawqubit / ai-packet-analyzer

AI-powered network packet analyzer: detects C2, exfiltration, and lateral movement from pcap or tcpdump output.

python cli security pcap ai network-analysis c2-detection

Updated Mar 23, 2026
Python

Tshepiso06 / VendmoTech_Network_Traffic_Analysis

A Wireshark-based network traffic analysis simulating a live SOC incident at Vendmo Tech. Detects C2 beaconing, data exfiltration & port scanning across a 2.3GB PCAP. Includes 8 findings, 10 IOCs, MITRE ATT&CK v14 mapping & attack timeline. Blue Team / SOC portfolio project.

ioc network-forensics incident-response fintech cybersecurity wireshark network-security data-exfiltration packet-analysis blue-team mitre-attack threat-detection soc-analyst c2-detection

Updated Mar 17, 2026

RichardBarron27 / redspecter-c2-hunter

Outbound network monitor to detect beaconing and command-and-control-like behavior on Linux hosts.

threat-hunting bash-script kali-linux network-security linux-security blue-team network-visibility cyber-defense c2-detection outbound-monitoring defensive-tooling sock5-monitoring secops-tools

Updated Dec 7, 2025
Shell

copyleftdev / floq

Detect C2 beacons in network traffic using Floquet spectral analysis from quantum chaos theory. Fast, 274KB Zig binary. Reads pcap, live capture, or OpenTelemetry JSONL.

pcap zig network-forensics incident-response dfir cybersecurity threat-hunting soc spectral-analysis network-security security-tools blue-team threat-detection floquet opentelemetry network-traffic-analysis c2-detection beacon-detection

Updated Mar 30, 2026
Zig

YoustinaGamal / redspecter-c2-hunter

🛡️ Monitor outbound TCP connections on Linux with C2 Hunter, a lightweight tool that reveals active sessions and enhances your security posture.

threat-hunting kali-linux network-security linux-security blue-team network-visibility cyber-defense c2-detection outbound-monitoring defensive-tooling sock5-monitoring secops-tools

Updated Apr 5, 2026
Shell

0xPersist / Avery

Autonomous Vigilance Engine for Reconnaissance Yield

Updated Mar 20, 2026
Shell

Saravanan-Patrick / Lab-03-Malware-Traffic-Analysis

Lab 03 - Malware Traffic Analysis | Wireshark Packet Capture | TCP+UDP Scan Patterns | C2 Simulation | 1066 Packets Analyzed | SOC Lab

network-forensics cybersecurity wireshark kali-linux packet-analysis blue-team tcp-analysis soc-analyst c2-detection udp-scan

Updated Mar 18, 2026

harhsithhn-glitch / malware-traffic-analysis-c2-detection

Network traffic analysis using Wireshark to identify suspicious HTTP POST-based Command-and-Control (C2) communication and extract Indicators of Compromise (IOCs).

incident-response cybersecurity wireshark malware-analysis network-security pcap-analysis c2-detection

Updated Feb 21, 2026

roiswd / ebpf-docker-build-monitor

eBPF-based monitor for detecting suspicious activity during Docker image builds

dependency-injection ebpf syscall devsecops docker-security container-security runtime-monitoring docker-build c2-detection

Updated Jun 8, 2025
C

hegner123 / active-scan

menu bar malware monitor. detects and kills blockchain C2 backdoor processes, with a live web dashboard

go windows macos systray security blockchain malware-detection menu-bar c2-detection

Updated Mar 30, 2026
Go

gabrielliaprotecting43 / VendmoTech_Network_Traffic_Analysis

Analyzes network traffic with Wireshark to detect threats, support SOC response, and map findings to MITRE ATT&CK for Vendmo Tech

ioc network-forensics incident-response fintech cybersecurity wireshark network-security data-exfiltration packet-analysis blue-team mitre-attack threat-detection soc-analyst c2-detection

Updated Apr 5, 2026

TamaleGT / BerrySentinel

Detects C2 connections in real time by analyzing process behavior without relying on signature databases or IP blacklists.

python linux security cybersecurity penetration-testing red-team process-monitoring python-lambda defensive-security threat-detection behavioral-analysis red-team-tools c2-detection host-based-detection reverse-shell-detection

Updated Apr 5, 2026
Python

Improve this page

Add a description, image, and links to the c2-detection topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the c2-detection topic, visit your repo's landing page and select "manage topics."