c2

Adversary Emulation Framework

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

Covenant is a collaborative .NET C2 framework for red teamers.

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).

Applied offensive security with Rust - https://kerkour.com/black-hat-rust

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

A post exploitation framework designed to operate covertly on heavily monitored environments

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.

Free,Open-Source,Cross-platform agent and Post-exploiton tool written in Golang and C++.

Starkiller is a Frontend for PowerShell Empire.

Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.

DeimosC2 is a Golang command and control framework for post-exploitation.

Some notes and examples for cobalt strike's functionality

Open source pre-operation C2 server based on python and powershell

🕳 godoh - A DNS-over-HTTPS C2

the c2 programming language

A cross platform C2/post-exploitation framework.

牛屎花 一款基于WEB界面的远程主机管理工具