- Notifications
You must be signed in to change notification settings - Fork848
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
License
Ne0nd0g/merlin
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Merlin is a cross-platform post-exploitation Command & Control server and agent written in Go.
Highlighted features:
- merlin-cli command line interface over gRPC to connect to the Merlin Server facilitating multi-user support
- Supported Agent C2 Protocols: http/1.1 clear-text, http/1.1 over TLS, HTTP/2, HTTP/2 clear-text (h2c), http/3 (http/2 over QUIC)
- Peer-to-peer (P2P) communication between Agents with bind or reverse for SMB, TCP, and UDP
- Configurable agent data encoding and encryption transforms: AES, Base64, gob, hex, JWE, RC4, and XOR
- JWE transform usePBES2_HS512_A256KW PBES2 (RFC 2898) with HMACSHA-512 as the PRF and AES Key Wrap (RFC 3394) using 256-bit keys for the encryption scheme
- Configurable agent authenticators:
- None: No authentication
- OPAQUE: Asymmetric Password Authenticated Key Exchange (PAKE)
- Encrypted JWT for message authentication
- Configurable Agent message datapaddingto combat beaconing detections based on a fixed message size
- Execute .NET assemblies in-process with
invoke-assemblyor in a sacrificial process withexecute-assembly - Execute arbitrary Windows executables (PE) in a sacrificial process with
execute-pe - Various shellcode execution techniques: CreateThread, CreateRemoteThread, RtlCreateUserThread, QueueUserAPC
- IntegratedDonut,sRDI,andSharpGen support
- Dynamically change the Agent'sJA3 hash
- Mythic support
- Documentation & Wiki
An introductory blog post can be found here:https://medium.com/@Ne0nd0g/introducing-merlin-645da3c635a
Supporting Repositories:
- Merlin Agent - Agent source code
- Merlin Agent DLL - Agent DLL source code
- Merlin CLI - Command line interface for Merlin
- Merlin Documentation - Documentation source code
- Merlin on Mythic - Merlin agent for Mythic Framework
- Merlin Docker - Base Docker image for for Merlin images
- Merlin Message - A Go library for Merlin messages exchanged between a Merlin Server and Agent
Download the latest version of Merlin Server from thereleases section
The Server package contains compiled versions of the CLI and Agent for all the major operating systems in the
data/bindirectoryExtract the files with 7zip using the
xfunctionThe password is:merlinStart Merlin
Start the CLI
Configure alistener
Deploy an agent. SeeAgent Execution Quick Start Guide for examples
Pwn, Pivot, Profit
mkdir /opt/merlin;cd /opt/merlinwget https://github.com/Ne0nd0g/merlin/releases/latest/download/merlinServer-Linux-x64.7z7z x merlinServer-Linux-x64.7zsudo ./merlinServer-Linux-x64./data/bin/merlinCLI-Linux-x64
Merlin can be integrated and used as an agent with theMythic acollaborative, multi-platform, red teaming framework.
Visit theMerlin on Mythic repository in the MythicAgents organizationto get started.
- To compile Merlin from source, view theCustom Build page
- For a full list of available commands:
- View theFrequently Asked Questions page
- View theBlog Posts page for additional information
Join the#merlin channel in theBloodHoundGang Slack to ask questions,troubleshoot, or provide feedback.
Thanks toJetBrains for kindly sponsoring Merlin by providing a Goland IDEOpen Source license
About
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
Topics
Resources
License
Contributing
Uh oh!
There was an error while loading.Please reload this page.
Stars
Watchers
Forks
Packages0
Uh oh!
There was an error while loading.Please reload this page.
Contributors15
Uh oh!
There was an error while loading.Please reload this page.