C2 Search Netlas is a Java utility designed to detect Command and Control (C2) servers using the Netlas API. It provides a straightforward and user-friendly CLI interface for searching C2 servers, leveraging the Netlas API to gather data and process it locally.
To utilize this terminal utility, you’ll need a Netlas API key. Obtain your key from the Netlas website.
After acquiring your API key, execute the following command to search servers:
c2detect -t <TARGET_DOMAIN> -p <TARGET_PORT> -s <API_KEY> [-v]
Replace <TARGET_DOMAIN>
with the desired IP address or domain, <TARGET_PORT>
with the port you wish to scan, and <API_KEY>
with your Netlas API key. Use the optional -v
flag for verbose output. For example, to search at the google.com
IP address on port 443
using the Netlas API key 1234567890abcdef
, enter:
c2detect -t google.com -p 443 -s 1234567890abcdef
To download a release of the utility, follow these steps:
java -jar c2-search-netlas-<version>.jar -t <ip-or-domain> -p <port> -s <your-netlas-api-key>
To build and start the Docker container for this project, run the following commands:
docker build -t c2detect .
docker run -it --rm \
c2detect \
-s "your_api_key" \
-t "your_target_domain" \
-p "your_target_port" \
-v
To use this utility, you need to have a Netlas API key. You can get the key from the Netlas website. Now you can build the project and run it using the following commands:
./gradlew build
java -jar app/build/libs/c2-search-netlas-1.0-SNAPSHOT.jar --help
This will display the help message with available options. To search for C2 servers, run the following command:
java -jar app/build/libs/c2-search-netlas-1.0-SNAPSHOT.jar -t <ip-or-domain> -p <port> -s <your-netlas-api-key>
This will display a list of C2 servers found in the given IP address or domain.
Name | Support |
---|---|
Metasploit | ✅ |
Havoc | ❓ |
Cobalt Strike | ✅ |
Bruteratel | ✅ |
Sliver | ✅ |
DeimosC2 | ✅ |
PhoenixC2 | ✅ |
Empire | ❌ |
Merlin | ✅ |
Covenant | ❌ |
Villain | ✅ |
Shad0w | ❌ |
PoshC2 | ✅ |
Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
If you are working with Linux or writing bash scripts, one of the most common…
What is a bash case statement? A bash case statement is a way to control…
Why Do We Check Files in Bash? When writing a Bash script, you often work…