dnscat2
Featured⚖️ Dual Use · Ruby
dnscat2 creates an encrypted command-and-control channel over the DNS protocol. It's designed for situations where all other outbound traffic is blocked but DNS resolution is still permitted — which is almost always. The tool consists of a client that runs on compromised hosts and a server that runs on an authoritative DNS server controlled by the attacker. All communication is encrypted and tunneled through DNS TXT, CNAME, or MX records.
Use Cases
- C2 communication over DNS when other protocols are blocked
- Data exfiltration through DNS queries
- Bypassing firewall restrictions that allow DNS
- Encrypted tunneling through corporate DNS infrastructure
Tags
Details
- Category
- ⚖️ Dual Use
- Language
- Ruby
- Repository
- iagox86/dnscat2
Platforms
Alternatives & Comparisons
More in Dual Use
ProxyChains-ng
CForce any TCP connection through SOCKS4/5 or HTTP proxies. Chain multiple proxies for anonymity.
Socat
CMultipurpose relay tool. Bidirectional data transfer between two data channels — sockets, files, pipes, devices.
ngrok
GoExpose local servers to the internet via secure tunnels. Instant public URLs for localhost services.
Rclone
Gorsync for cloud storage. Sync, copy, and mount 70+ cloud providers. Command-line Swiss army knife for cloud data.
GTFOBins
ShellCurated list of Unix binaries that can be used to bypass security restrictions. Living off the land, documented.
LOLBAS
ShellLiving Off The Land Binaries, Scripts and Libraries for Windows. Documenting every Windows binary with offensive potential.