Top 23 C2 Open-Source Projects

• sliver

  20 7,551 9.6 Go

  Adversary Emulation Framework

  

Project mention: With VPN's such as Twin Gate and TailScale, why open ports to expose services to the internet? | /r/selfhosted | 2023-07-05

IDK if you are too young to remember the fallout from Snowden, but the Kremlin threw out entire rooms computers and for a time used actual typewriters. Because those computers had, more or less, twingate connectors on them. That's a bit of a rich example, but you're essentially installing what sliver calls an implant, what meterpreter calls a payload, and what Cobalt Strike calls a beacon. It's cool if you want to, but there's no need when you can just open a port with the same technology a Fortune 50 does.

• merlin

  1 4,932 8.2 Go

  Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. (by Ne0nd0g)

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• Covenant

  10 3,950 0.0 C#

  Covenant is a collaborative .NET C2 framework for red teamers.

Project mention: Effective Adversary Emulation | dev.to | 2023-11-27

Covenant C2: https://github.com/cobbr/Covenant

• Empire

  8 3,907 9.1 PowerShell

  Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. (by BC-SECURITY)

  

Project mention: Opinion on best c2 to learn for resume (open sourced) | /r/redteamsec | 2023-05-12

• Villain

  2 3,563 7.7 Python

  Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).

• black-hat-rust

  48 3,047 4.3 Rust

  Applied offensive security with Rust - https://kerkour.com/black-hat-rust

  

Project mention: Cloudflare for Speed and Security | /r/CloudFlare | 2023-10-20

Bonuses: If you purchase Cloudflare for Speed and Security before November 4, 2023, you'll get my bestseller, Black Hat Rust, for free! Yes, you read it right, two books for less than the price of one!

• shad0w

  2 1,981 0.0 C

  A post exploitation framework designed to operate covertly on heavily monitored environments

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• PoshC2

  1 1,692 0.0 PowerShell

  A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

  

• Starkiller

  2 1,264 8.1 Vue

  Starkiller is a Frontend for PowerShell Empire.

  

• kubesploit

  23 1,071 0.0 Go

  Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.

  

• manjusaka

  1 746 4.4 Rust

  牛屎花 一款基于WEB界面的远程主机管理工具

• Octopus

  1 710 1.8 Python

  Open source pre-operation C2 server based on python and powershell

• Heroinn

  2 618 10.0 Rust

  A cross platform C2/post-exploitation framework.

• MicroBackdoor

  1 547 2.6 C++

  Small and convenient C2 tool for Windows targets. [ Русский -- значит нахуй! ]

• GC2-sheet

  1 486 4.4 Go

  GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrate data using Google Drive.

• AlanFramework

  4 458 3.2 Assembly

  A C2 post-exploitation framework

• PSRansom

  1 441 2.5 PowerShell

  PowerShell Ransomware Simulator with C2 Server

• Nebula

  1 354 0.0 Python

  Nebula is a cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still working to allow testing other Cloud Providers and DevOps Components. (by gl4ssesbo1)

• dystopia-c2

  1 340 6.9 Python

  Windows Remote Administration Tool that uses Discord, Telegram and GitHub as C2s

• Nimbo-C2

  1 296 8.3 Nim

  Nimbo-C2 is yet another (simple and lightweight) C2 framework

• PhoenixC2

  2 287 7.2 Python

  Command & Control-Framework created for collaboration in python3

  

• SharpGmailC2

  1 252 10.0 C#

  Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol

• RedditC2

  2 250 10.0 Python

  Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic look legit.

• SaaSHub

  www.saashub.com sponsored

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

C2 related posts

• Secure authentication over unencrypted connection
  1 project | /r/cybersecurity | 4 Jun 2023
• Opinion on best c2 to learn for resume (open sourced)
  1 project | /r/redteamsec | 12 May 2023
• Next stage of training
  1 project | /r/redteamsec | 29 Apr 2023
• NetAtlas C2 Server Search - A Comprehensive Tool for Detecting C2 Servers with Listener and External Search Capabilities
  1 project | /r/hacking | 21 Apr 2023
• NetAtlas C2 Server Search - A Comprehensive Tool for Detecting C2 Servers with Listener and External Search Capabilities
  1 project | /r/ReverseEngineering | 21 Apr 2023
• NetAtlas C2 Server Search - A CLI Tool for Detecting C2 Servers
  1 project | /r/cybersecurity | 21 Apr 2023
• Introducing NetAtlas C2 Server Search: A CLI Utility to Detect C2 Servers
  1 project | /r/sysadmin | 21 Apr 2023
• A note from our sponsor - SaaSHub
  www.saashub.com | 26 Apr 2024

  SaaSHub helps you find the best software and product alternatives Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com