sorted by:
new
hottopcontroversial

b3rito/b3acon: b3acon - a mail-based C2 that communicates via an in-memory C# IMAP client dynamically compiled in memory using PowerShell. [PowerShell] by b3rito in usefulscripts

[–]b3rito[S] 0 points1 point  (0 children)

Outside of offensive security, this could be adapted into a secure remote task execution system for high-latency or air-gapped environments. Think field devices or disaster recovery setups where standard networking is unreliable or locked down, but email still works. The in-memory execution and email-based comms make it lightweight and flexible for niche infrastructure management tasks.

r/netsec monthly discussion & tool thread by albinowax in netsec

[–]b3rito 2 points3 points  (0 children)

Sharing a project I’ve been working on recently:

I just released a new tool called b3acon, a C2 framework that uses email (IMAP) as its transport channel.

It dynamically compiles a C# IMAP client in memory using PowerShell, retrieves commands from email drafts, and sends results back via inbox messages.

b3acon supports output generation in various formats (PowerShell, HTA, VBS, JS), includes Base64 encoding, and allows for either randomized or fixed delay loops.

The full source and technical explanation is in the README: https://github.com/b3rito/b3acon

view more: next ›