63 Open Source C2 Software Projects

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

Covenant is a collaborative .NET C2 framework for red teamers.

Adversary Emulation Framework

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

A post exploitation framework designed to operate covertly on heavily monitored environments

the c2 programming language

RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

A Golang implant that uses Slack as a command and control server

🕳 godoh - A DNS-over-HTTPS C2

Open source pre-operation C2 server based on python and powershell

Starkiller is a Frontend for PowerShell Empire.

DeimosC2 is a Golang command and control framework for post-exploitation.

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Responsive Command and Control System

Shadow Workers is a free and open source C2 and proxy designed for penetration testers to help in the exploitation of XSS and malicious Service Workers (SW)

Cyberdelia, a Collection of Command and Control frameworks

Check Domain Fronting (chkdfront) - It checks if your domain fronting is working

AV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities

Command and Control server on Slack

Some notes and examples for cobalt strike's functionality

backdoor c2

Simple C2 over the Trello API

Command Line RAT that uses Gmail as its central C2Server. Bypassing common issues, such as the need for port forwarding or proxies.

A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface

Discord C2 for Redteam....Need a better name

a collection of code snippets and examples

muddyc3_golang

PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.

A cross-platform C2/teamserver supporting multiple transport protocols, written in Go.

Free,Open-Source,Cross-platform agent and Post-exploiton tool written in Golang and C++.

Applied offensive security with Rust - https://kerkour.com/black-hat-rust

Small and convenient C2 tool for Windows targets

Nebula is a cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still working to allow testing other Cloud Providers and DevOps Components.

link is a command and control framework written in rust

CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.

PickleC2 is a post-exploitation and lateral movements framework

Decentralised P2P botnet using toxcore.

A Visual Studio Code Extension agent for Mythic C2

Bifrost C2. Open-source post-exploitation using Discord API

proxy your C2 traffic through CDN using websocket

C2 and Post Exploitation Code

Login Pages Database forms a knowledge base on login pages related to malicious activities (C2 panels, phishing kits...).

treafik fronted c2 examples

A Remote Administration Tool (RAT)

A tool for helping stand up headless C2 for droppables.

Uses Shodan API to pull down C2 servers to run known exploits on them.

A copy of my little beautiful malware I used in IRSeC 2019

:crossed_swords: :package: An Ubuntu 18.04 box for Mythic C2 framework development

Create Cobalt Strike malleable C2 profiles with HTTPS configs

a simple backdoor in Nim

A botnet (C&C) framework that create in bash and using crontab for periodic execute

flask heroku C2 redirector template

A light C# implant that bypasses Windows Firewall and Defender

C2 server to connect to a victim machine via reverse shell

GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrate data using Google Drive.

Use pingser to create client and server based on ICMP Protocol to send and receive custom message content.

A C2 post-exploitation framework

Just another useless C2 occupying space in some HDD somewhere.

Windows Remote Administration Tool that uses Discord as C2

An HTTPS beaconing Windows implant and multi-layered proxy C2 network designed for covert APT emulation focused offensive operations

Sukoshi is a proof-of-concept Python implant that leverages the MQTT protocol for C2 and uses AWS IoT Core as infrastructure.

Command and Control that uses NTP as the transport protocol.