本项目用来收集整理C2的相关内容,包括优秀的C2项目代码或优秀的控制思路等。RAT是一门古老的技术,C2是下一代的RAT!不想拿到全世界控制权限的黑客不是好黑客。作者:0e0w
本项目创建于2021年8月19日,最近的一次更新时间为2024年8月10日。
- https://github.com/tcostam/awesome-command-control
- https://github.com/Ignitetechnologies/Command-Control
一、基础书籍
二、视频资源
三、其他资源
- https://github.com/ProfessionallyEvil/C4
- https://github.com/JAYMONSECURITY/JMSec-Agent-RTO
- https://github.com/timb-machine/linux-malware
- https://bbs.pediy.com/thread-273930.htm
- https://docs.google.com/spreadsheets/d/1b4mUxa6cDQuTV2BPC6aA-GR4zGZi0ooPYtBe4IgPsSc
- https://www.aqniu.com/vendor/93864.html
- https://0xrick.github.io/misc/c2/
- https://github.com/ZeroMemoryEx/C2-Hunter
- C2是什么?远控是什么?流量隧道是什么?C2=远控+流量隧道?
- 优秀的C2是什么?
- Webshell管理工具算不算C2?可以执行命令的就算?
- 理想的C2有什么特征?图形化/自带免杀/匿名隐藏/......
- 远控只是C2的最基本的功能,未来的C2具备自我意识!
- https://github.com/topics/c2
- https://github.com/search?q=Command+and+Control
- https://github.com/topics/command-and-control
- https://github.com/search?q=C2+frameworks
- https://github.com/topics/rat
- https://github.com/search?q=RAT
- https://github.com/alphaSeclab/awesome-rat
- https://github.com/killvxk/awesome-C2
一、Golang
- https://github.com/TerminalJockey/Kudzu
- https://github.com/BishopFox/sliver
- https://github.com/Ne0nd0g/merlin
- https://github.com/tiagorlampert/CHAOS
- https://github.com/Ne0nd0g/merlin-agent
- https://github.com/njcx/gocmd
- https://github.com/EngineerBetter/control-tower
- https://github.com/activecm/rita
- https://github.com/DeimosC2/DeimosC2
- https://github.com/Tylous/SourcePoint
- https://github.com/iimrudy/PrismaController
- https://github.com/timwhitez/Doge-Persistence-Platform
- https://github.com/mthbernardes/GTRS
- https://github.com/sensepost/godoh
- https://github.com/cyberark/kubesploit
- https://github.com/lu4p/ToRat
- https://github.com/lu4p/ToRat_server
- https://github.com/KCarretto/paragon
- https://github.com/degenerat3/meteor
- https://github.com/angus-y/PyIris-backdoor
- https://github.com/aminaxx/bossbash
- https://github.com/geemion/Khepri
- https://github.com/elleven11/pantegana
- https://github.com/maxlandon/wiregost
- https://github.com/CMatri/MeetC2
- https://github.com/phil-fly/generate
- https://github.com/msoap/shell2http
- https://github.com/Maka8ka/NGLite
- https://github.com/veo/vshell
- https://github.com/kgretzky/evilginx2
- https://github.com/EkiXu/reverse-shell-manager
- https://github.com/looCiprian/GC2-sheet
- https://github.com/whitehatnote/BlueShell
- https://github.com/Binject/shellcode
- https://github.com/sairson/SecShell
- https://github.com/fcre1938/Ortau
- https://github.com/jm33-m0/emp3r0r
- https://github.com/ssut/payload-dumper-go
- https://github.com/webxscan/linux_rat
- https://github.com/0x1a8510f2/wraith
- https://github.com/FrenchCisco/RATel
- https://github.com/sairson/sabathe
- https://github.com/aleenzz/BeggarC2
- https://github.com/mosajjal/dnspot
- https://github.com/kensh1ro/Willie-C2
- https://github.com/TRYblog/C2_Demo
- https://github.com/jkstack/natpass
- https://github.com/hudangwei/natpass
- https://github.com/MythicAgents/tetanus
- https://github.com/Phuong39/Ortau
- https://github.com/wraith-labs/wraith
- https://github.com/wikiZ/RedGuard
- https://github.com/burpheart/dnsc2
- https://github.com/newbe3three/gotoexec
- https://github.com/BradHacker/titan
- https://github.com/YDHCUI/manjusaka
- https://github.com/D00Movenok/goMalleable
- https://github.com/Ptkatz/OrcaC2
- https://github.com/WithSecureLabs/C3
- https://github.com/InjectionSoftwareandSecurityLLC/lupo
- https://github.com/Enelg52/KittyStager
- https://github.com/grines/goc2
- https://github.com/SpenserCai/DRat
- https://github.com/HavocFramework/Havoc
- https://github.com/HavocFramework/Talon
- https://github.com/0xTriboulet/Revenant
- https://github.com/xiao-zhu-zhu/noterce
- https://github.com/LsdDance/Homo-Network
- https://github.com/dobin/antnium
- https://github.com/dollarkillerx/civetcat
- https://github.com/hxdyjx/remote
- https://github.com/AuFeng111/linux_c2
- https://github.com/gatariee/Winton
- https://github.com/ClarkQAQ/nrat
- https://github.com/iammaguire/MeetC2
二、Python
- https://github.com/FunnyWolf/Viper
- https://github.com/its-a-feature/Mythic
- https://github.com/Arno0x/WSC2
- https://github.com/r00t-3xp10it/venom
- https://github.com/Coalfire-Research/Slackor
- https://github.com/maldevel/canisrufus
- https://github.com/Ziconius/FudgeC2
- https://github.com/0x09AL/DNS-Persist
- https://github.com/byt3bl33d3r/SILENTTRINITY
- https://github.com/UnkL4b/BabyShark
- https://github.com/th3r4ven/Bifrost
- https://github.com/0xGhazy/F4T3H-WinC2
- https://github.com/m8r0wn/transportc2
- https://github.com/mitre/caldera
- https://github.com/h0mbre/Dali
- https://github.com/byt3bl33d3r/SILENTTRINITY
- https://github.com/Telefonica/ibombshell
- https://github.com/zerosum0x0/koadic
- https://github.com/Marten4n6/EvilOSX
- https://github.com/mhaskar/Octopus
- https://github.com/AdrianVollmer/PowerHub
- https://github.com/slyd0g/SK8PARK
- https://github.com/trustedsec/trevorc2
- https://github.com/n1nj4sec/pupy
- https://github.com/neoneggplant/EggShell
- https://github.com/nil0x42/phpsploit
- https://github.com/loseys/BlackMamba
- https://github.com/Coalfire-Research/Slackor
- https://github.com/daanzu/kaldi-active-grammar
- https://github.com/KCarretto/Arsenal
- https://github.com/PushpenderIndia/nekros
- https://github.com/MythicAgents/venus
- https://github.com/tanc7/dark-lord-obama
- https://github.com/MythicAgents/Medusa
- https://github.com/MythicAgents/merlin
- https://github.com/MythicAgents/venus
- https://github.com/NullCode13/NullRAT
- https://github.com/Ba-hub/GhostRat
- https://github.com/pucarasec/zuthaka
- https://github.com/Cr4sh/MicroBackdoor
- https://github.com/gl4ssesbo1/Nebula
- https://github.com/reveng007/C2_Server
- https://github.com/alysif/SimpleRAT
- https://github.com/bigb0sss/kurosaki-C2
- https://github.com/FortyNorthSecurity/C2concealer
- https://github.com/Ph3nX-Z/WebShell-C2
- https://github.com/Rvn0xsy/Linco2
- https://github.com/mycve/WinController
- https://github.com/t3hbb/NSGenCS
- https://github.com/wavestone-cdt/abaddon
- https://github.com/hash3liZer/SillyRAT
- https://github.com/lapolis/palinka_c2
- https://github.com/mycve/TerminalController
- https://github.com/nathanlopez/Stitch
- https://github.com/5alt/ZeroRAT
- https://github.com/3ct0s/disctopia-c2
- https://github.com/epinna/weevely3
- https://github.com/t3l3machus/hoaxshell
- https://github.com/SaumyajeetDas/GodGenesis
- https://github.com/safesploit/PythonRAT
- https://github.com/doudoudedi/hackEmbedded
- https://github.com/screamz2k/PhoenixC2
- https://github.com/felixweyne/imaginaryC2
- https://github.com/XiaoliChan/RedCaddy
- https://github.com/MiBaLToALeX/ShellOrd
- https://github.com/t3l3machus/Villain
三、Java
- https://github.com/Cobalt-Strike
- https://github.com/LSTS/neptus
- https://github.com/Ramos-dev/OSSTunnel
- https://github.com/swagkarna/Rafel-Rat
- https://github.com/Kr9jd/HotRAT
四、C&C#&C++
- https://github.com/4g3nt47/Striker
- https://github.com/rasta-mouse/SharpC2
- https://github.com/sf197/Telegra_Csharp_C2
- https://github.com/NYAN-x-CAT/AsyncRAT-C-Sharp
- https://github.com/cobbr/Covenant
- https://github.com/onSec-fr/Http-Asynchronous-Reverse-Shell
- https://github.com/quasar/Quasar
- https://github.com/fozavci/petaqc2
- https://github.com/Raffy27/OrionPanel
- https://github.com/uvzz/IERat
- https://github.com/qwqdanchun/DcRat
- https://github.com/moom825/xeno-rat
- https://github.com/ryhanson/ExternalC2
- https://github.com/sogonsec/ViolentFungus-C2
- https://github.com/xdnice/PCShare
- https://github.com/sysrom/DcRatCHS
- https://github.com/A-D-Team/SharpMemshell
- https://github.com/void-stack/Orcus-1.9.1-src
- https://github.com/FULLSHADE/WARFOX-C2
- https://github.com/antonioCoco/ConPtyShell
- https://github.com/Gr1mmie/AtlasC2
- https://github.com/FSecureLABS/C3
- https://github.com/monoxgas/FlyingAFalseFlag
- https://github.com/SafeBreach-Labs/pinjectra
- https://github.com/bats3c/shad0w
- https://github.com/iagox86/dnscat2
- https://github.com/bigBestWay/dnstunnel
- https://github.com/pwn1sher/uuid-loader
- https://github.com/h3xduck/TripleCross
- https://github.com/capt-meelo/laZzzy
- https://github.com/TheD1rkMtr/GithubC2
- https://github.com/SecurityNo1/Gh0st2023
- https://github.com/DragoQCC/HardHatC2
- https://github.com/Idov31/Nidhogg
- https://github.com/Idov31/Sandman
- https://github.com/satadriver/myLittleBear
- https://github.com/DarkCoderSc/SharpFtpC2
- https://github.com/r3nhat/GRAT2
- https://github.com/F-Society-Freaks/AndroSpy
- https://github.com/DannyTheSloth/VanillaRAT
- https://github.com/NYAN-x-CAT/Mass-RAT
- https://github.com/p3nt4/Nuages
- https://github.com/enkomio/AlanFramework
- https://github.com/HackerCalico/Magic_C2
- https://github.com/iyzyi/MUA-Remote-Access-Trojan-V2
五、Rust
- https://github.com/postrequest/link
- https://github.com/b23r0/Heroinn
- https://github.com/b1tg/Ox-C2
六、Nim
- https://github.com/d4rckh/nimc2
- https://github.com/chvancooten/NimPlant
- https://github.com/itaymigdal/Nimbo-C2
七、PHP
八、Powershell
- https://github.com/ahmedkhlief/Ninja
- https://github.com/BC-SECURITY/Empire
- https://github.com/nettitude/PoshC2
- https://github.com/r00t-3xp10it/meterpeter
- https://github.com/xRET2pwn/PickleC2
- https://github.com/alexfrancow/badusb_botnet
- https://github.com/Raffy27/OrionServer
- https://github.com/JoelGMSec/PSRansom
九、Other
- https://github.com/rapid7/metasploit-framework
- https://github.com/0x727/MetasploitCoop_0x727
- https://github.com/Project-Prismatica/Prismatica
- https://github.com/jephthai/EvilVM
- https://github.com/KINGSABRI/chkdfront
- https://github.com/Raffy27/OrionBot
- https://github.com/MisterTea/EternalTerminal
- https://github.com/sneakerhax/C2PE
- https://github.com/0x727/SchTask_0x727
- https://github.com/preludeorg/community
- https://github.com/Arno0x/DBC2
- https://github.com/lcvvvv/backway
- https://github.com/AlphabugX/nopen
- https://github.com/Tomiwa-Ot/moukthar
- https://github.com/aplyc1a/NTPShell
- https://github.com/wraith-labs/wraith-dcc2
- https://github.com/yzddmr6/Java-Shellcode-Loader
- https://github.com/FlyfishSec/rsGen
- https://bruteratel.com
- https://github.com/JohnHammond/c2c2
- https://github.com/tdragon6/Supershell
- https://github.com/INotGreen/XiebroC2
一、C2原理
二、C2加密
- https://thestack.technology/from-c2-to-c3
- https://www.foregenix.com/blog/a-first-look-at-todays-command-and-control-frameworks
- https://www.thec2matrix.com
- http://ask.thec2matrix.com
- https://threatexpress.com/blogs/2019/c2-agent-comparison
- https://www.varonis.com/blog/what-is-c2
- https://www.thec2matrix.com/matrix
- https://awesomeopensource.com/projects/c2
