SaaSHub helps you find the best software and product alternatives Learn more →
Top 23 C2 Open-Source Projects
-
merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. (by Ne0nd0g)
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
Empire
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. (by BC-SECURITY)
-
Villain
Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
PoshC2
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
-
kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
-
GC2-sheet
GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrate data using Google Drive.
-
Nebula
Nebula is a cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still working to allow testing other Cloud Providers and DevOps Components. (by gl4ssesbo1)
-
SharpGmailC2
Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol
-
RedditC2
Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic look legit.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Project mention: With VPN's such as Twin Gate and TailScale, why open ports to expose services to the internet? | /r/selfhosted | 2023-07-05IDK if you are too young to remember the fallout from Snowden, but the Kremlin threw out entire rooms computers and for a time used actual typewriters. Because those computers had, more or less, twingate connectors on them. That's a bit of a rich example, but you're essentially installing what sliver calls an implant, what meterpreter calls a payload, and what Cobalt Strike calls a beacon. It's cool if you want to, but there's no need when you can just open a port with the same technology a Fortune 50 does.
Covenant C2: https://github.com/cobbr/Covenant
Bonuses: If you purchase Cloudflare for Speed and Security before November 4, 2023, you'll get my bestseller, Black Hat Rust, for free! Yes, you read it right, two books for less than the price of one!
C2 related posts
- Secure authentication over unencrypted connection
- Opinion on best c2 to learn for resume (open sourced)
- Next stage of training
- NetAtlas C2 Server Search - A Comprehensive Tool for Detecting C2 Servers with Listener and External Search Capabilities
- NetAtlas C2 Server Search - A Comprehensive Tool for Detecting C2 Servers with Listener and External Search Capabilities
- NetAtlas C2 Server Search - A CLI Tool for Detecting C2 Servers
- Introducing NetAtlas C2 Server Search: A CLI Utility to Detect C2 Servers
-
A note from our sponsor - SaaSHub
www.saashub.com | 26 Apr 2024
Index
What are some of the best open-source C2 projects? This list will help you:
Project | Stars | |
---|---|---|
1 | sliver | 7,551 |
2 | merlin | 4,932 |
3 | Covenant | 3,950 |
4 | Empire | 3,907 |
5 | Villain | 3,563 |
6 | black-hat-rust | 3,047 |
7 | shad0w | 1,981 |
8 | PoshC2 | 1,692 |
9 | Starkiller | 1,264 |
10 | kubesploit | 1,071 |
11 | manjusaka | 746 |
12 | Octopus | 710 |
13 | Heroinn | 618 |
14 | MicroBackdoor | 547 |
15 | GC2-sheet | 486 |
16 | AlanFramework | 458 |
17 | PSRansom | 441 |
18 | Nebula | 354 |
19 | dystopia-c2 | 340 |
20 | Nimbo-C2 | 296 |
21 | PhoenixC2 | 287 |
22 | SharpGmailC2 | 252 |
23 | RedditC2 | 250 |
Sponsored