C2 Search Netlas is a Java utility designed to detect Command and Control (C2) servers using the Netlas API. It provides a straightforward and user-friendly CLI interface for searching C2 servers, leveraging the Netlas API to gather data and process it locally.
After acquiring your API key, execute the following command to search servers:
Replace
This will display the help message with available options. To search for C2 servers, run the following command:
This will display a list of C2 servers found in the given IP address or domain.
Legend:
Usage
To utilize this terminal utility, you'll need a Netlas API key. Obtain your key from the Netlas website.After acquiring your API key, execute the following command to search servers:
c2detect -t <TARGET_DOMAIN> -p <TARGET_PORT> -s <API_KEY> [-v]Replace
<TARGET_DOMAIN> with the desired IP address or domain, <TARGET_PORT> with the port you wish to scan, and <API_KEY> with your Netlas API key. Use the optional -v flag for verbose output. For example, to search at the google.com IP address on port 443 using the Netlas API key 1234567890abcdef, enter:c2detect -t google.com -p 443 -s 1234567890abcdefRelease
To download a release of the utility, follow these steps:- Visit the repository's releases page on GitHub.
- Download the latest release file (typically a JAR file) to your local machine.
- In a terminal, navigate to the directory containing the JAR file.
- Execute the following command to initiate the utility:
java -jar c2-search-netlas-<version>.jar -t <ip-or-domain> -p <port> -s <your-netlas-api-key>Docker
To build and start the Docker container for this project, run the following commands:
코드:
docker build -t c2detect .
docker run -it --rm \
c2detect \
-s "your_api_key" \
-t "your_target_domain" \
-p "your_target_port" \
-vSource
To use this utility, you need to have a Netlas API key. You can get the key from the Netlas website. Now you can build the project and run it using the following commands:
코드:
./gradlew build
java -jar app/build/libs/c2-search-netlas-1.0-SNAPSHOT.jar --helpjava -jar app/build/libs/c2-search-netlas-1.0-SNAPSHOT.jar -t <ip-or-domain> -p <port> -s <your-netlas-api-key>This will display a list of C2 servers found in the given IP address or domain.
Support
| Name | Support |
|---|---|
| Metasploit |  |
| Havoc |  |
| Cobalt Strike | |
| Bruteratel | |
| Sliver | |
| DeimosC2 | |
| PhoenixC2 | |
| Empire |  |
| Merlin | |
| Covenant | |
| Villain | |
| Shad0w | |
| PoshC2 | |
- - Accept/good support
- - Support unknown/unclear
- - No support/poor support