Havoc – Modern and malleable post-exploitation command and control framework

Main / Havoc – Modern and malleable post-exploitation command and control framework

Discription

[![](https://blogger.googleusercontent.com/img/a/AVvXsEgmN9Sr4S1OW5dtSoe8SlW8gaiTTYaIaOdySiRmBKTA1G4yoFZl7hv9IZo1mAIkwzabEfKpkoUaA3OaFYavgLaFKjf_krLv0HATwlUAYMmQPSyBmzEoF_1crJMqh4jfF7W-yxtoh1iuXoVnH4FFzwiilYzZ0GwTB0H1GBFiSJzFbnVUskcV7OjGpAKeIw=w640-h342)]()

[![](https://blogger.googleusercontent.com/img/a/AVvXsEivkG4M70E3QNybLUG0xQmgGml8y7svVJRgy4QPSkYF9e7DBUbMFCzDQJLvPRn1PM7Nb2WDwNE5O2ScNCfQ8QEcW0BtAvbyV9ow1GnR2CvxiknGhAeZRSymX3mOqhXU9KgqXTaAy9iQ8FRm5-eyBYHFQXkzOGLQ9EBFREj3rIYIdxNYB31ibFeCSzGfnA=w640-h280)]()

_
_

_Havoc is a modern and malleable [post-exploitation]( “post-exploitation” ) command and control framework, created by [@C5pider]( “@C5pider” )._

> Havoc is in an early state of release. Breaking changes may be made to APIs/core structures as the framework matures.

### Support

Consider supporting C5pider on [Patreon]( “Patreon” )/[Github Sponsors]( “Github Sponsors” ). Additional features are planned for supporters in the future, such as custom agents/plugins/commands/etc.

### Quick Start

> Please see the [Wiki]( “Wiki” ) for complete documentation.

Havoc works well on [Debian]( “Debian” ) 10/11, Ubuntu 20.04/22.04 and [Kali]( “Kali” ) Linux. It’s recommended to use the latest versions possible to avoid issues. You’ll need a modern version of Qt and Python 3.10.x to avoid build issues.

See the [Installation]( “Installation” ) guide in the Wiki for instructions. If you run into issues, check the [Known Issues]( “Known Issues” ) page as well as the open/closed [Issues]( “Issues” ) list.

### Features

#### Client

> Cross-platform UI written in C++ and Qt

* Modern, dark theme based on [Dracula]( “Dracula” )

#### Teamserver

> Written in Golang

* Multiplayer
* Payload generation (exe/shellcode/dll)
* HTTP/HTTPS listeners
* Customizable C2 profiles
* External C2

#### Demon

> Havoc’s flagship agent written in C and ASM

* Sleep [Obfuscation]( “Obfuscation” ) via [Ekko]( “Ekko” ) or [FOLIAGE]( “FOLIAGE” )
* x64 return address spoofing
* Indirect [Syscalls]( “Syscalls” ) for Nt* APIs
* SMB support
* Token vault
* Variety of built-in post-exploitation commands

[]( “The Havoc Framework (19)” )[![](https://blogger.googleusercontent.com/img/a/AVvXsEiR6A4QzoHViT1AUmaffKlmQJwcoP1VyaV5guZ2QueSbzd1FNQ8zQXnPQV4bcMILfeXJ8ln0XdhXSh3wCwgoGQG1lFegi8lOmZD1_i95NF9A1vl44JhLwPx78ZwBnWe9lrlQ8y3_1UoLCCM484j34S0YdcIM19PiVikWO74ukAV34ewqBv5c_29V4ZEKA=w640-h442)]()

#### Extensibility

* [External C2]( “External C2” )
* Custom Agent Support
* [Talon]( “Talon” )
* [Python API]( “Python API” )
* [Modules]( “Modules” )

### Community

You can join the official [Havoc Discord]( “Havoc Discord” ) to chat with the community!

### Contributing

To contribute to the Havoc Framework, please review the guidelines in [Contributing.md]( “Contributing.md” ) and then open a pull-request!

**[Download Havoc]( “Download Havoc” )**Read More

References

Back to Main

Subscribe for the latest news: