#C2
Showing 60 of 78 repositories tagged #c2, ranked by stars
Adversary Emulation Framework
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.
A post exploitation framework designed to operate covertly on heavily monitored environments
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
โ๏ธ๐คซ Stealth redirector for your red team operation security
๐ณ godoh - A DNS-over-HTTPS C2
ๅปไธญๅฟๅ่ฟ็จๆงๅถๅทฅๅ ท๏ผDecentralized Remote Administration Tool๏ผ๏ผ้่ฟENSๅฎ็ฐไบ้ ็ฝฎๆไปถๅๅ็ๅปไธญๅฟๅ๏ผ้่ฟTelegramๅฎ็ฐไบๆๅก็ซฏ็ๅปไธญๅฟๅ
Open source pre-operation C2 server based on python and powershell
C2 infrastructure over Microsoft Teams.
A cross platform C2/post-exploitation framework.
OrcaC2ๆฏไธๆฌพๅบไบWebsocketๅ ๅฏ้ไฟก็ๅคๅ่ฝC&Cๆกๆถ๏ผไฝฟ็จGolangๅฎ็ฐใ
Android remote administration tool
GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet or Microsoft SharePoint List and exfiltrate files using Google Drive or Microsoft SharePoint Document.
Realm is a cross platform Red Team engagement platform with a focus on automation and reliability.
link is a command and control framework written in rust
The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments.
A C2 post-exploitation framework
Next Generation C2 Framework, IoM-server/client
A Golang implant that uses Slack as a command and control server
๐ PumpBin is an Implant Generation Platform.
PyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.
Command & Control-Framework created for collaboration in python3
[ BOF-LAUNCHER ] -> an API for loading, executing and in-memory masking BOFs on Windows and Linux for use in C/Zig/Go/Rust agents/implants. [ Z-BEAC0N ] -> a custom-written stage-1 (aka pre-C2) solution engineered with a small footprint, stealth and modularity in mind. [ DEVELOPED BOFS ] -> cross-platform (12), Linux-only (10), Win-only (2)
CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.
Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic look legit.
Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for security professionals and enthusiasts.
FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Enterprise AI Red Team Platform | ไผไธ็บงAI็บข้ๅนณๅฐ | 132 MCP Tools | Pure Python Engines | SDK+CLI+MCP | Auto-Download sqlmap/nuclei/ffuf | Production C2 | LLM Enhanced | Docker Sandbox | SARIF CI/CD | 1980 Tests
Repo containing cracked red teaming tools.
All-sources tool to search websites by favicons
Decentralised P2P botnet using toxcore.
TeamServer and Client of Exploration Command and Control Framework
Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.
C2 writen in Rust & Go powered by Tor network.
The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cloud. It can manage several simultaneous backdoor sessions with a user-friendly interface.
LummaC2 extracted binaries by reversing & LummaC2 Stealer Analysis
KIZAGAN is a RAT,c2 command&control tool.It allows you to build executables and control infected machines.
This repository contains Malicious Indicator of Compromise (IOC) blocklist for MISP, firewall which is vital for cybersecurity professionals to enhance threat detection and improve incident response capabilities.
Krypton C2 is a simple botnet source. Credits Source Code: NixWasHere
A curated list of tools useful within the field of cyber security, for both blue and red team operations.
Responsive Command and Control System
Your Skyfall Infrastructure Pack
UNFINISHED Botnet using a Go and Bootstrap Based C2, Support for Windows, Linux and Android Clients.
A toy CTF Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
Simple Powershell Http shell With WEB UI
THANKS YOU FOR CODE | credit NixWasHere/NixC2
A Visual Studio Code Extension agent for Mythic C2
AV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities
A powerful Go-based multi-shell handler for managing multiple reverse shell connections simultaneously with features like shell type detection, background management, command broadcasting, and real-time interaction.
A lightweight Command and Control (C2) framework built for offensive security research and red teaming (Post Exploitation).
๐๐ชฒ Malleable C2 profiles parser and assembler written in golang
A command and control (C2) server
Adaptix C2 service plugin that drives LitterBox payload analysis from the operator UI.
Spydi ThreatIntel Feed is built on open-source threat intelligence, community-maintained blocklists, and public security research.
Windows C++ Implant for Exploration C2
๐ก๏ธ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python