Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Build a C2 framework (ie. Metasploit, Cobalt Strike, sliver, etc). Seems like a really standard software security project as it encompasses a lot of interesting problems that intersects both software (building an application and interface, networking, infrastructure) and security (constructing payloads/shellcode, evasions, post-exploitation). If you've looked into a lot of drone-vulnerabilities, a C2 might be a nice place to provision exploits for them for delivery.
I do a lot of work on an open source anti-virus project (https://github.com/ION28/BLUESPAWN), and we're always looking for new contributors. It's been a great learning experience! Not sure if you need to build something from scratch or not, though.
Related posts
- With VPN's such as Twin Gate and TailScale, why open ports to expose services to the internet?
- Sliver Release v1.5.40 - This release fixes a vulnerability (CVE-2023-34758) in the Sliver Key Encapsulation Mechanism (KEM), where improper use of Nacl Box (libsodium) could allow a MitM attacker with a copy of the implant binary to recover the session key and arbitrarily encrypt/decrypt C2 message
- why no new Armitage :(((
- Suggestions for C2 server implementation
- Cobalt Strike Alternative?