awesome-command-control
A collection of awesome Command & Control (C2) frameworks, tools and resources for post-exploitation and red teaming assignments.
https://github.com/tcostam/awesome-command-control
Last synced: 12 days ago
JSON representation
-
Articles
-
Online Resources
-
Tools
-
Commercial
- Innuendo
- Scythe
- Cobalt Strike
- Red Team Toolkit (or Slingshot)
- Voodoo
- Voodoo
- Voodoo
- Red Team Toolkit (or Slingshot)
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Red Team Toolkit (or Slingshot)
- Voodoo
- Voodoo
- Red Team Toolkit (or Slingshot)
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
- Voodoo
-
Open Source
- Faction C2
- Koadic (or COM Command & Control) - exploitation rootkit similar to other penetration testing tools such as Meterpreter and Powershell Empire.
- Prismatica
- SharpC2
- Void-RAT
- Apfell - platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI.
- AsyncRat C#
- Baby Shark
- C3
- Caldera
- CHAOS
- Dali - based C2 channel which utilizes Imgur to host images and task agents.
- Empire - exploitation framework that includes a pure-PowerShell2.0 Windows agent, and a pure Python 2.6/2.7 Linux/OS X agent
- Covenant
- Silent Trinity - exploitation agent powered by Python, IronPython, C#/.NET.
- Flying A False Flag
- FudgeC2
- Godoh
- iBombshell
- HARS
- MacShellSwift
- Ninja
- NorthStarC2 - source command and control framework developed for penetration testing and red teaming purposes.
- EvilOSX
- Nuages
- Octopus - operation C2 server based on python which can control an Octopus powershell agent through HTTP/S.
- PoshC2 - exploitation and lateral movement
- Powerhub
- QuasarRAT - weight remote administration tool coded in C#. Providing high stability and an easy-to-use user interface, Quasar is the perfect remote administration solution for you.
- Merlin - platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
- Sliver - platform implant framework that supports C2 over Mutual-TLS, HTTP(S), and DNS.
- SK8PARK/RAT
- Throwback
- Trevor C2
- Metasploit Framework
- Meterpreter
- Pupy - platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python.
- PetaQ
- Pinjectra - bit) in a "mix and match" style.
- ReverseTCPShell
- SHAD0W
- Gcat
- DNScat2 - and-control (C&C) channel over the DNS protocol.
- EggShell
- EvilVM
- iBombshell
- C3
- EggShell
- WEASEL - memory implant using Python 3 with no dependencies.
- Apfell - platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI.
- Faction C2
- MacShellSwift
- Ninja
-
-
Videos
-
Commercial
-
Programming Languages
Categories
Sub Categories
Keywords
c2
9
post-exploitation
6
red-team
5
pentesting
4
reverse-shell
4
python
4
rat
4
powershell
4
dotnet
4
python3
4
command-and-control
4
golang
4
remote-admin-tool
4
security
3
security-tools
3
backdoor
3
redteam
3
macos
2
cybersecurity
2
hacking
2
remote
2
remote-control
2
c-sharp
2
meterpreter
2
payload
2
windows
2
http
2
implant
2
dns
2
empire
1
caldera
1
mitre
1
hacking-tool
1
chaos
1
security-testing
1
mitre-attack
1
mitre-corporation
1
security-automation
1
remote-administration-tool
1
agent
1
http2
1
adversarial-attacks
1
adversary-simulation
1
dns-server
1
gplv3
1
red-team-engagement
1
red-teaming
1
sliver
1
c
1
docker
1