NetAtlas C2 Server Search | Search For C2 Servers Based On Netlas

Tools & Scripts
, ,
1

image
image640×185 56.7 KB

NetAtlas C2 Server Search

Build Status License Junit Jupiter Gradle Codacy Badge Codacy Badge Docker Image Size

C2 Search Netlas is a Java utility designed to detect Command and Control (C2) servers using the Netlas API. It provides a straightforward and user-friendly CLI interface for searching C2 servers, leveraging the Netlas API to gather data and process it locally.

asciicast

Usage

To utilize this terminal utility, you’ll need a Netlas API key. Obtain your key from the Netlas website.

After acquiring your API key, execute the following command to search servers:

c2detect -t <TARGET_DOMAIN> -p <TARGET_PORT> -s <API_KEY> [-v]

Replace <TARGET_DOMAIN> with the desired IP address or domain, <TARGET_PORT> with the port you wish to scan, and <API_KEY> with your Netlas API key. Use the optional -v flag for verbose output. For example, to search at the google.com IP address on port 443 using the Netlas API key 1234567890abcdef, enter:

c2detect -t google.com -p 443 -s 1234567890abcdef

Release

To download a release of the utility, follow these steps:

  • Visit the repository’s releases page on GitHub.
  • Download the latest release file (typically a JAR file) to your local machine.
  • In a terminal, navigate to the directory containing the JAR file.
  • Execute the following command to initiate the utility:

java -jar c2-search-netlas-.jar -t -p -s

Docker

To build and start the Docker container for this project, run the following commands:

docker build -t c2detect . docker run -it --rm \ c2detect \ -s “your_api_key” \ -t “your_target_domain” \ -p “your_target_port” \ -v

Source

To use this utility, you need to have a Netlas API key. You can get the key from the Netlas website. Now you can build the project and run it using the following commands:

./gradlew build java -jar app/build/libs/c2-search-netlas-1.0-SNAPSHOT.jar --help

This will display the help message with available options. To search for C2 servers, run the following command:

java -jar app/build/libs/c2-search-netlas-1.0-SNAPSHOT.jar -t -p -s

This will display a list of C2 servers found in the given IP address or domain.

Support

Name Support
Metasploit :white_check_mark:
Havoc :red_question_mark:
Cobalt Strike :white_check_mark:
Bruteratel :white_check_mark:
Sliver :white_check_mark:
DeimosC2 :white_check_mark:
PhoenixC2 :white_check_mark:
Empire :cross_mark:
Merlin :white_check_mark:
Covenant :cross_mark:
Villain :white_check_mark:
Shad0w :cross_mark:
PoshC2 :white_check_mark:

Legend:

  • :white_check_mark: - Accept/good support
  • :red_question_mark: - Support unknown/unclear
  • :cross_mark: - No support/poor support

Contributing

If you’d like to contribute to this project, please feel free to create a pull request.

License

This project is licensed under the License - see the LICENSE file for details.

GitHub:

https://github.com/michael2to3/c2-search-netlas

4 Likes