63 Open Source C2 Software Projects
Free and open source c2 code projects including engines, APIs, generators, and tools.
Ne0nd0g Merlin 3590 ⭐
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
Phpsploit 1549 ⭐
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Shad0w 1573 ⭐
A post exploitation framework designed to operate covertly on heavily monitored environments
Poshc2 1034 ⭐
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
Fudgec2 204 ⭐
FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Shadow Workers 125 ⭐
Shadow Workers is a free and open source C2 and proxy designed for penetration testers to help in the exploitation of XSS and malicious Service Workers (SW)
Gcat 17 ⭐
Command Line RAT that uses Gmail as its central C2Server. Bypassing common issues, such as the need for port forwarding or proxies.
Transportc2 21 ⭐
PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.
Geemion Khepri 1203 ⭐
Free,Open-Source,Cross-platform agent and Post-exploiton tool written in Golang and C++.
Gl4ssesbo1 Nebula 197 ⭐
Nebula is a cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still working to allow testing other Cloud Providers and DevOps Components.
Credphish 185 ⭐
CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.
Lp Db 28 ⭐
Login Pages Database forms a knowledge base on login pages related to malicious activities (C2 panels, phishing kits...).
Mythic Crate 11 ⭐
:crossed_swords: :package: An Ubuntu 18.04 box for Mythic C2 framework development
Crontab_botnet 11 ⭐
A botnet (C&C) framework that create in bash and using crontab for periodic execute
Gc2 Sheet 125 ⭐
GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrate data using Google Drive.
Pingser 11 ⭐
Use pingser to create client and server based on ICMP Protocol to send and receive custom message content.
Warfox 107 ⭐
An HTTPS beaconing Windows implant and multi-layered proxy C2 network designed for covert APT emulation focused offensive operations
Sukoshi 21 ⭐
Sukoshi is a proof-of-concept Python implant that leverages the MQTT protocol for C2 and uses AWS IoT Core as infrastructure.