Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
-
Updated
Jul 8, 2021 - Go
#
command-and-control
Here are 67 public repositories matching this topic...
ipsets dynamically updated with firehol's update-ipsets.sh script
-
Updated
Jul 27, 2021 - Shell
Adversary Emulation Framework
dns
golang
http
gplv3
dns-server
sliver
red-team
security-tools
c2
red-team-engagement
command-and-control
implant
adversarial-attacks
red-teaming
adversary-simulation
-
Updated
Jul 27, 2021 - Go
RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.
rat
malware-analysis
c2
command-and-control
remote-access-tool
remote-administration-tool
command-control
rat-analysis
rat-malware
-
Updated
Feb 17, 2020
C2/post-exploitation framework
python
pyqt5
python3
spyware
post-exploitation
pentest
offensive-security
red-team
security-tools
pentest-tool
command-and-control
qtframework
-
Updated
Jul 27, 2021 - Python
ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication
windows
linux
golang
reverse-shell
cross-platform
persistence
tor
rpc
transport
rat
keylogger
post-exploitation
payload
privilege-escalation
remote-admin-tool
uac-bypass
command-and-control
shell-reverse
reverse-shells
uacbypass
-
Updated
Jul 23, 2021 - Go
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
agent
kubernetes
golang
security
containers
http2
post-exploitation
security-tools
c2
penetration-testing-framework
command-and-control
red-teams
penetration-testing-tools
redteam-tools
-
Updated
Jun 20, 2021 - Go
-
Updated
Jan 24, 2021 - Go
A Golang implant that uses Slack as a command and control server
python
golang
penetration-testing
pentest
red-team
remote-admin-tool
c2
command-and-control
penetration-testing-tools
-
Updated
Apr 7, 2021 - Python
Python Kaldi speech recognition with grammars that can be set active/inactive dynamically at decode-time
python
grammars
voice
voice-commands
coding
speech-recognition
speech-to-text
kaldi
voice-control
dictation
command-and-control
kaldi-asr
voice-coding
kaldi-grammar
-
Updated
Jul 11, 2021 - Python
FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
security
powershell
python3
cybersecurity
post-exploitation
offensive-security
security-tools
c2
command-and-control
redteam
implant
purpleteam
readteaming
-
Updated
Mar 25, 2021 - Python
link is a command and control framework written in rust
-
Updated
Jul 9, 2021 - Rust
Open
Standalone Docker
KCarretto
commented
Apr 22, 2020
Create a standalone docker container such that a demo instance of the project can be setup using only docker run
Extensible Red Team Framework
-
Updated
Dec 2, 2019 - Python
A simple, extensible C&C beaconing system.
-
Updated
Feb 13, 2018 - Go
An open-source, centralized HTTPS botnet
-
Updated
Apr 14, 2020 - C#
NekRos is an Open-Source Ransomeware, with advanced Features, Which Looks Like Wannacry and Has C&C Server which can be Used to Retrive KEY
python
windows
fast
open-source
gui
server
python3
kali-linux
database-manager
command-and-control
wannacry
ransomeware
technowlogy
pushpender
pushpender-singh
nekros
parratsec
ransomeware-generator
uncrackable-key
-
Updated
Jan 10, 2021 - Python
arduino
twitch
streaming
remote-control
twitter
telegram
botnet
powershell
hacking
infosec
keylogger
atmega32u4
whatsapp-web
badusb
command-and-control
-
Updated
Dec 20, 2019 - PowerShell
Check Domain Fronting (chkdfront) - It checks if your domain fronting is working
-
Updated
Jun 26, 2021 - Ruby
mattreduce
commented
Feb 28, 2021
Now that there are more than a couple of commands and complexity is increasing. Place each command's source into its own file then pull into extension.js. Will need some sort of command name to function mapping.
PickleC2 is a post-exploitation and lateral movements framework
-
Updated
Jul 26, 2021 - PowerShell
AV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities
python
encoding
obfuscation
encryption
hacking
penetration-testing
rat
pentesting
reverseshell
oscp
c2
command-and-control
oscp-tools
-
Updated
Jun 7, 2020 - Python
An open-source, centralized HTTPS botnet
nodejs
database
bots
botnet
server
xml
logging
hosting
tor
https-server
tor-hidden-services
command-and-control
-
Updated
Apr 2, 2021 - JavaScript
An open-source, centralized HTTPS botnet
-
Updated
Apr 14, 2020 - Pascal
A cross-platform C2/teamserver supporting multiple transport protocols, written in Go.
docker
golang
docker-compose
postgresql
entity-framework
offensive-security
c2
command-and-control
redteam
land-before-time
entgo
-
Updated
Feb 27, 2021 - Go
This is the ToRat server, a part of the ToRat Project.
go
tls
cli
golang
server
cross-platform
tor
golang-application
golang-server
remote-admin-tool
hiddenservice
tor-hidden-services
command-and-control
-
Updated
Oct 27, 2019 - Go
This is the ToRat client, a part of the ToRat Project.
cat
go
windows
tls
golang
screenshot
reverse-shell
tor
post-exploitation
payload
golang-application
remote-admin-tool
uac-bypass
command-and-control
persitence
shell-reverse
uacbypass
torat
-
Updated
Oct 27, 2019 - Go
PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.
-
Updated
May 9, 2019 - Python
Bifrost C2. Open-source post-exploitation using Discord API
python
windows
macos
linux
discord
discord-bot
encrypted-connections
post-exploitation
pentest
offensive-security
red-team
c2
pentest-tool
command-and-control
command-control
-
Updated
Jun 24, 2021 - Python
Improve this page
Add a description, image, and links to the command-and-control topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the command-and-control topic, visit your repo's landing page and select "manage topics."
Current implementation of
proclistplugin useswin32_ps_list_procs()php function on Windows host.Therefore, linux implementation is a simple
system("ps -a"), which is OPSEC unsafe, an would probably trigger EDR alerts.A better implementation should avoid relying on system command execution.