Are you looking for Open Source C2 Post-Exploitation Frameworks?

  • November 14, 2021
  • By Cyberarch Admin

Post explosion tool, Powershell Empire would no longer be supported by its authors. So we want some alternatives for that right. and here we, Cyberarch giving a list of open-source C2 post-exploitation frameworks which have great support from the community. So if you are looking for some you are at the correct place.

What is PSEmpire?

PSEmpire is a great tool with a wide variety of uses in the Information Security community including learning, red teaming and even more nefarious uses such as being used by the Ryuk Ransomware.

This list contains all the other options available to you to elevate your Post exploitation experience in multiple OS. the list is based on alphabetical order( not in the top to bottom with the service they provide ). so you can use any of them.



A cross-platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI. It’s designed to provide a collaborative and user-friendly interface for operators, managers, and reporting throughout mac and Linux based red teaming.

Check out more about APfell version 1.2.


Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers. Covenant is an ASP.NET Core, cross-platform application that includes a web-based interface. Check out more about Convenant



Empire is a post-exploitation framework that includes a pure-PowerShell2.0 Windows agent, and a pure Python 2.6/2.7 Linux/OS X agent. It is the merge of the previous PowerShell Empire and Python EmPyre projects. The framework offers cryptological-secure communications and flexible architecture.

On the PowerShell side, Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework.Check out more about EmpireProject


Faction C2

Faction is a C2 framework for security professionals, providing an easy way to extend and interact with agents. It focuses on providing an easy, stable, and approachable platform for C2 communications through well-documented REST and Socket.IO APIs. Check out more about Faction C2


godoh is a proof of concept Command and Control framework, written in Golang, that uses DNS-over-HTTPS as a transport medium. Currently, supported providers include Google, Cloudflare but also contains the ability to use traditional DNS. Check out more about goDoH


ibombshell is a tool written in Powershell that allows you to have a prompt at any time with post-exploitation functionalities (and in some cases exploitation). It is a shell that is downloaded directly to memory providing access to a large number of pentesting features. These functionalities can be downloaded directly to memory, in the form of a Powershell function. This form of execution is known as everywhere.

In addition, ibombshell provides a second execution mode called Silently, so the pentester can execute an instance of ibombshell (called warrior). The compromised computer will be connected to a C2 panel through HTTP. Therefore, it will be possible to control the warrior and be able to load functions in memory that help the pentester. This is happening within the post-exploitation phase.Check out more about iBombshell


Koadic, or COM Command & Control, is a Windows post-exploitation rootkit similar to other penetration testing tools such as Meterpreter and Powershell Empire. The major difference is that Koadic does most of its operations using Windows Script Host (a.k.a. JScript/VBScript), with compatibility in the core to support a default installation of Windows 2000 with no service packs (and potentially even versions of NT4) all the way through Windows 10.

Check out more about Koadic


Merlin is a cross-platform post-exploitation HTTP/2 Command & Control  server and agent written in golang. Check out more about Merlin

Recent Articles

Got hacked? Speak to our security consultant.

Get in Touch
Scroll Top