This repository provides a comprehensive collection of Command and Control (C2) frameworks designed for red teaming, penetration testing, and adversary emulation. C2 frameworks are essential tools used by security professionals to simulate real-world cyber threats, manage compromised systems, and test an organization's defense mechanisms.
With the increasing sophistication of cybersecurity threats, modern C2 frameworks offer advanced capabilities such as secure encrypted communications, modular payloads, multi-platform support, and seamless operator collaboration. These tools allow penetration testers and red teams to establish covert communication channels, execute post-exploitation commands, and evade detection by modern security defenses.
This repository includes two powerful and widely used C2 frameworks:
- Havoc – A feature-rich, stealthy C2 framework with advanced encryption, modular payloads, and real-time collaboration for red teams. Havoc Installation
- Merlin – A cross-platform C2 framework designed for stealth and evasion, offering robust command execution and flexible listener configurations. Merlin Documentation
- Secure and encrypted communications
- Modular and customizable payloads
- Multi-user collaboration
- Support for various operating systems
- Flexible listener configurations