Nimbo-C2 : Lightweight C2 Framework

 

What is Nimbo-C2: 

 

Spring4Shell-POC is a dockerized application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965). Full Java source for the war is provided and modifiable, the war will get re-built whenever the docker image is built. The built WAR will then be loaded by Tomcat. There is nothing special about this application, it’s a simple hello world that’s based off Spring tutorials.

Screen shots:

Features:

• Build EXE, DLL, ELF payloads.
• Encrypted implant configuration and strings using NimProtect.
• Packing payloads using UPX and obfuscate the PE section names (UPX0, UPX1) to make detection and unpacking harder.
• Encrypted HTTP communication (AES in CBC mode, key hardcoded in the agent and configurable by the config.jsonc).
• Auto-completion in the C2 Console for convenient interaction.
• In-memory Powershell commands execution.
• File download and upload commands.
• Built-in discovery commands.
• Screenshot taking, clipboard stealing, audio recording.
• Memory evasion techniques like NTDLL unhooking, ETW & AMSI patching.
• LSASS and SAM hives dumping.
• Shellcode injection.
• Inline .NET assemblies execution.
• Persistence capabilities.
• UAC bypass methods.
• ELF loading using memfd in 2 modes.
• And more !

Download:

(Ads Free) github : LINK

(short link*) github: LINK

*using short links really help me keep sharing content but also i don't want you feel angry at me so there's a Ads free link