Havoc
Featured🔥 Offensive Ops · C/C++
Havoc is a modern, malleable post-exploitation command and control framework. It features a cross-platform Qt-based GUI, support for Beacon Object Files (BOFs), custom agent development through its Agent SDK, and encrypted C2 communication. Havoc was designed as an open-source alternative to Cobalt Strike with a similar operator experience. It supports multiple listeners, team servers, and has a growing library of post-exploitation modules.
Use Cases
- Red team operations with GUI-based C2
- Beacon Object File (BOF) execution
- Custom agent and listener development
- Encrypted C2 with malleable profiles
- Team server for collaborative ops
Tags
Details
- Category
- 🔥 Offensive Ops
- Language
- C/C++
- Repository
- HavocFramework/Havoc
Platforms
Alternatives & Comparisons
Metasploit Framework
RubyThe world's most used penetration testing framework. Exploit development, payload delivery, post-exploitation.
Sliver
GoOpen-source C2 framework by BishopFox. mTLS, HTTP(S), DNS, WireGuard implants with multi-operator support.
Mythic
GoCollaborative, multi-platform C2 framework. Docker-based with web UI, multiple agent types, and plugin architecture.
More in Offensive Ops
Mythic
GoCollaborative, multi-platform C2 framework. Docker-based with web UI, multiple agent types, and plugin architecture.
Rubeus
C#C# toolset for raw Kerberos interaction and abuse. AS-REP roasting, Kerberoasting, ticket manipulation, delegation attacks.
Certipy
PythonActive Directory Certificate Services (AD CS) abuse tool. Find and exploit certificate template misconfigurations.
Coercer
PythonAutomatically find and exploit Windows authentication coercion vulnerabilities. PetitPotam, PrinterBug, and more.
SharpHound
C#Official BloodHound data collector. Enumerates Active Directory objects, sessions, ACLs, and trusts for graph analysis.
BeEF
RubyBrowser Exploitation Framework. Hook browsers via XSS, then pivot into the network using browser-based attacks.