C2 Search Netlas is a Java utility designed to detect Command and Control (C2) servers using the Netlas API. It provides a straightforward and user-friendly CLI interface for searching C2 servers, leveraging the Netlas API to gather data and process it locally.
To utilize this terminal utility, you’ll need a Netlas API key. Obtain your key from the Netlas website.
After acquiring your API key, execute the following command to search servers:
c2detect -t <TARGET_DOMAIN> -p <TARGET_PORT> -s <API_KEY> [-v]
Replace <TARGET_DOMAIN>
with the desired IP address or domain, <TARGET_PORT>
with the port you wish to scan, and <API_KEY>
with your Netlas API key. Use the optional -v
flag for verbose output. For example, to search at the google.com
IP address on port 443
using the Netlas API key 1234567890abcdef
, enter:
c2detect -t google.com -p 443 -s 1234567890abcdef
To download a release of the utility, follow these steps:
java -jar c2-search-netlas-<version>.jar -t <ip-or-domain> -p <port> -s <your-netlas-api-key>
To build and start the Docker container for this project, run the following commands:
docker build -t c2detect .
docker run -it --rm \
c2detect \
-s "your_api_key" \
-t "your_target_domain" \
-p "your_target_port" \
-v
To use this utility, you need to have a Netlas API key. You can get the key from the Netlas website. Now you can build the project and run it using the following commands:
./gradlew build
java -jar app/build/libs/c2-search-netlas-1.0-SNAPSHOT.jar --help
This will display the help message with available options. To search for C2 servers, run the following command:
java -jar app/build/libs/c2-search-netlas-1.0-SNAPSHOT.jar -t <ip-or-domain> -p <port> -s <your-netlas-api-key>
This will display a list of C2 servers found in the given IP address or domain.
Name | Support |
---|---|
Metasploit | ✅ |
Havoc | ❓ |
Cobalt Strike | ✅ |
Bruteratel | ✅ |
Sliver | ✅ |
DeimosC2 | ✅ |
PhoenixC2 | ✅ |
Empire | ❌ |
Merlin | ✅ |
Covenant | ❌ |
Villain | ✅ |
Shad0w | ❌ |
PoshC2 | ✅ |
Docker is a powerful open-source containerization platform that allows developers to build, test, and deploy…
Docker is one of the most widely used containerization platforms. But there may come a…
Introduction Google Dorking is a technique where advanced search operators are used to uncover information…
Introduction In cybersecurity and IT operations, logging fundamentals form the backbone of monitoring, forensics, and…
What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…
Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…