Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
-
Updated
Jul 8, 2021 - Go
#
command-and-control
Here are 69 public repositories matching this topic...
ipsets dynamically updated with firehol's update-ipsets.sh script
-
Updated
Aug 1, 2021 - Shell
Adversary Emulation Framework
dns
golang
http
gplv3
dns-server
sliver
red-team
security-tools
c2
red-team-engagement
command-and-control
implant
adversarial-attacks
red-teaming
adversary-simulation
-
Updated
Jul 31, 2021 - Go
RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.
rat
malware-analysis
c2
command-and-control
remote-access-tool
remote-administration-tool
command-control
rat-analysis
rat-malware
-
Updated
Feb 17, 2020
C2/post-exploitation framework
python
pyqt5
python3
spyware
post-exploitation
pentest
offensive-security
red-team
security-tools
pentest-tool
command-and-control
qtframework
-
Updated
Jul 28, 2021 - Python
ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication
windows
linux
golang
reverse-shell
cross-platform
persistence
tor
rpc
transport
rat
keylogger
post-exploitation
payload
privilege-escalation
remote-admin-tool
uac-bypass
command-and-control
shell-reverse
reverse-shells
uacbypass
-
Updated
Jul 23, 2021 - Go
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
agent
kubernetes
golang
security
containers
http2
post-exploitation
security-tools
c2
penetration-testing-framework
command-and-control
red-teams
penetration-testing-tools
redteam-tools
-
Updated
Jun 20, 2021 - Go
-
Updated
Jan 24, 2021 - Go
A Golang implant that uses Slack as a command and control server
python
golang
penetration-testing
pentest
red-team
remote-admin-tool
c2
command-and-control
penetration-testing-tools
-
Updated
Apr 7, 2021 - Python
Python Kaldi speech recognition with grammars that can be set active/inactive dynamically at decode-time
python
grammars
voice
voice-commands
coding
speech-recognition
speech-to-text
kaldi
voice-control
dictation
command-and-control
kaldi-asr
voice-coding
kaldi-grammar
-
Updated
Jul 11, 2021 - Python
FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
security
powershell
python3
cybersecurity
post-exploitation
offensive-security
security-tools
c2
command-and-control
redteam
implant
purpleteam
readteaming
-
Updated
Mar 25, 2021 - Python
link is a command and control framework written in rust
-
Updated
Jul 9, 2021 - Rust
Open
Standalone Docker
KCarretto
commented
Apr 22, 2020
Create a standalone docker container such that a demo instance of the project can be setup using only docker run
Extensible Red Team Framework
-
Updated
Dec 2, 2019 - Python
A simple, extensible C&C beaconing system.
-
Updated
Feb 13, 2018 - Go
An open-source, centralized HTTPS botnet
-
Updated
Apr 14, 2020 - C#
NekRos is an Open-Source Ransomeware, with advanced Features, Which Looks Like Wannacry and Has C&C Server which can be Used to Retrive KEY
python
windows
fast
open-source
gui
server
python3
kali-linux
database-manager
command-and-control
wannacry
ransomeware
technowlogy
pushpender
pushpender-singh
nekros
parratsec
ransomeware-generator
uncrackable-key
-
Updated
Jan 10, 2021 - Python
arduino
twitch
streaming
remote-control
twitter
telegram
botnet
powershell
hacking
infosec
keylogger
atmega32u4
whatsapp-web
badusb
command-and-control
-
Updated
Dec 20, 2019 - PowerShell
Check Domain Fronting (chkdfront) - It checks if your domain fronting is working
-
Updated
Jun 26, 2021 - Ruby
PickleC2 is a post-exploitation and lateral movements framework
-
Updated
Jul 26, 2021 - PowerShell
mattreduce
commented
Feb 28, 2021
Now that there are more than a couple of commands and complexity is increasing. Place each command's source into its own file then pull into extension.js. Will need some sort of command name to function mapping.
AV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities
python
encoding
obfuscation
encryption
hacking
penetration-testing
rat
pentesting
reverseshell
oscp
c2
command-and-control
oscp-tools
-
Updated
Jun 7, 2020 - Python
An open-source, centralized HTTPS botnet
nodejs
database
bots
botnet
server
xml
logging
hosting
tor
https-server
tor-hidden-services
command-and-control
-
Updated
Apr 2, 2021 - JavaScript
An open-source, centralized HTTPS botnet
-
Updated
Apr 14, 2020 - Pascal
A cross-platform C2/teamserver supporting multiple transport protocols, written in Go.
docker
golang
docker-compose
postgresql
entity-framework
offensive-security
c2
command-and-control
redteam
land-before-time
entgo
-
Updated
Feb 27, 2021 - Go
This is the ToRat server, a part of the ToRat Project.
go
tls
cli
golang
server
cross-platform
tor
golang-application
golang-server
remote-admin-tool
hiddenservice
tor-hidden-services
command-and-control
-
Updated
Oct 27, 2019 - Go
This is the ToRat client, a part of the ToRat Project.
cat
go
windows
tls
golang
screenshot
reverse-shell
tor
post-exploitation
payload
golang-application
remote-admin-tool
uac-bypass
command-and-control
persitence
shell-reverse
uacbypass
torat
-
Updated
Oct 27, 2019 - Go
PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.
-
Updated
May 9, 2019 - Python
Bifrost C2. Open-source post-exploitation using Discord API
python
windows
macos
linux
discord
discord-bot
encrypted-connections
post-exploitation
pentest
offensive-security
red-team
c2
pentest-tool
command-and-control
command-control
-
Updated
Jun 24, 2021 - Python
Improve this page
Add a description, image, and links to the command-and-control topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the command-and-control topic, visit your repo's landing page and select "manage topics."
Current implementation of
proclistplugin useswin32_ps_list_procs()php function on Windows host.Therefore, linux implementation is a simple
system("ps -a"), which is OPSEC unsafe, an would probably trigger EDR alerts.A better implementation should avoid relying on system command execution.