Likelihood this is legit seems low 😆
Designed to route beacons through weird C2 channels
Using and detecting C2 printer pivoting
Example of how C3 can route through print queues if both the victim and the relay have access to the printer
LOTS Project - Living Off Trusted Sites
https://github.com/Idov31/Nidhogg
Nidhogg is a multi-functional rootkit for red teams. The goal of Nidhogg is to provide an all-in-one and easy-to-use rootkit with multiple helpful functionalities for red team engagements that can be integrated with your own C2 framework via a single header file with simple usage.
https://github.com/wikiZ/RedGuard
RedGuard is a derivative work of the C2 facility pre-flow control technology. It has a lighter design, efficient flow interaction, and reliable compatibility with Go language development. The core problem it solves is that, in the face of increasingly complex red and blue attack and defense drills, it gives the attack team a better C2 infrastructure concealment scheme, gives the interactive traffic of the C2 facility a flow control function, intercepts "malicious" analysis traffic, and helps better complete the entire attack mission.
https://github.com/D1rkMtr/VirusTotalC2
Abusing the VirusTotal API to host our C2 traffic, useful for bypassing blocking firewall rules if VirusTotal is in the target white list, and in case you don't have C2 infrastructure, now you have a free one.
https://www.youtube.com/watch?v=aXkuz7F85c4
https://github.com/outflanknl/RedELK