Flexible + covert C2 framework for pentesters

purchase discover

        Excellent IDS evasion

Create implants that can employ various sandbox detection methods, experimental hardware disruptors and active evasion techniques (such as empty buffer alocation, memory jumping, execution delay and self-removal). Read more about latest functionalities in v.2.0 introductory article.



Compatible with most operating systems and CPU architectures, implants can be compiled for a multitide of environments with minimal dependencies.

    Encrypted data exchange

All of the traffic between C2 server and the implant is TLS compliant. Self-signed certificates are created during each execution, and are embedded in the implant as variables before the compilation phase.


  Control multiple machines. From anywhere.

Implants compiled with enabled tunneling can communicate with a server that listens on a separate network segment. Send instructions to selected endpoints worldwide and receive output in real time.


  Various modules

Grab keystrokes, extract sensitive data, scan ports and dump passwords using intuitive CLI with tab-completion and suggestions.


  Detailed user's manual

Explains basic concepts and shows possible use cases of each option.

  Support, updates and issue resolving

If you have any questions regarding this tool or something does not work as expected, we are here to help.


  Low detection rate

Implant's source is heavily obfuscated before compilation, which makes it's detection relatively harder for AV vendors.