C2 Search Netlas is a Java utility designed to detect Command and Control (C2) servers using the Netlas API. It provides a simple and user-friendly CLI interface for searching C2 servers, leveraging the Netlas API to gather data and process it locally.
Usage
To use this terminal utility, you need a Netlas API key. Obtain your key from the Netlas website.
After obtaining your API key, execute the following command to search servers:
c2detect -t <TARGET_DOMAIN> -p <TARGET_PORT> -s <API_KEY> [-v]
Replace <TARGET_DOMAIN> with the desired IP address or domain, <TARGET_PORT> with the port you wish to scan, and <API_KEY> with your Netlas API key. Use the optional -v flag for verbose output. For example, to search google.com on port 443 using the Netlas API key 1234567890abcdef, enter:
c2detect -t google.com -p 443 -s 1234567890abcdef
Release
To download a release of the utility, follow these steps:
- Go to the repository's releases page on GitHub.
- Download the latest release file (typically a JAR file) to your local machine.
- In a terminal, navigate to the directory containing the JAR file.
- Execute the following command to start the utility:
java -jar c2-search-netlas-<version>.jar -t <ip-or-domain> -p <port> -s <your-netlas-api-key>
Docker
To build and start the Docker container for this project, run the following commands:
docker build -t c2detect .
docker run -it --rm \
  c2detect \
  -s "your_api_key" \
  -t "your_target_domain" \
  -p "your_target_port" \
  -v
Source
To use this utility, you need a Netlas API key. You can get the key from the Netlas website. You can then build the project and run it using the following commands:
./gradlew build
java -jar app/build/libs/c2-search-netlas-1.0-SNAPSHOT.jar --help
This will display the help message with the available options. To search for C2 servers, run the following command:
java -jar app/build/libs/c2-search-netlas-1.0-SNAPSHOT.jar -t <ip-or-domain> -p <port> -s <your-netlas-api-key>
This will display a list of C2 servers found at the given IP address or domain.
Support
Name | Support |
---|---|
Metasploit | ✅ |
Havoc | ❓ |
Cobalt Strike | ✅ |
Bruteratel | ✅ |
Sliver | ✅ |
DeimosC2 | ✅ |
PhoenixC2 | ✅ |
Empire | ❌ |
Merlin | ✅ |
Covenant | ❌ |
Villain | ✅ |
Shad0w | ❌ |
PoshC2 | ✅ |
Legend:
- ✅ – Accept/good support
- ❓ – Support unknown/unclear
- ❌ – No support/poor support
Contributing
If you would like to contribute to this project, please feel free to create a pull request.
License
This project is licensed under the License – see the LICENSE file for details.