c2

Adversary Emulation Framework

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

Covenant is a collaborative .NET C2 framework for red teamers.

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy for working as a team.

Applied offensive security with Rust - https://kerkour.com/black-hat-rust

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

A post exploitation framework designed to operate covertly on heavily monitored environments

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

Free,Open-Source,Cross-platform agent and Post-exploiton tool written in Golang and C++.

RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.

Starkiller is a Frontend for PowerShell Empire.

Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.

DeimosC2 is a Golang command and control framework for post-exploitation.

Some notes and examples for cobalt strike's functionality

Open source pre-operation C2 server based on python and powershell

the c2 programming language

🕳 godoh - A DNS-over-HTTPS C2

A cross platform C2/post-exploitation framework.

牛屎花 一款基于WEB界面的远程主机管理工具