From 559d7d90019daabbf64f5289720017abb5b33126 Mon Sep 17 00:00:00 2001 From: Meitar M Date: Wed, 7 Aug 2019 16:10:33 -0400 Subject: [PATCH] Add TrevorC2, a masked C2 and data exfil tool using "legitimate" HTTP. --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 42432f9..fe87922 100644 --- a/README.md +++ b/README.md @@ -330,6 +330,7 @@ See also [awesome-industrial-control-system-security](https://github.com/hslatma * [Cloakify](https://github.com/TryCatchHCF/Cloakify) - Textual steganography toolkit that converts any filetype into lists of everyday strings. * [DET](https://github.com/sensepost/DET) - Proof of concept to perform data exfiltration using either single or multiple channel(s) at the same time. * [Iodine](https://code.kryo.se/iodine/) - Tunnel IPv4 data through a DNS server; useful for exfiltration from networks where Internet access is firewalled, but DNS queries are allowed. +* [TrevorC2](https://github.com/trustedsec/trevorc2) - Client/server tool for masking command and control and data exfiltration through a normally browsable website, not typical HTTP POST requests. * [pwnat](https://github.com/samyk/pwnat) - Punches holes in firewalls and NATs. * [tgcd](http://tgcd.sourceforge.net/) - Simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls.