EN
ENNA
MY

Mythic

Featured

🔥 Offensive Ops · Go

Mythic is a multiplayer, command and control platform for red team operations. It's designed to be collaborative, allowing multiple operators to manage agents simultaneously through a web-based UI. Mythic supports multiple agent types (Apollo for .NET, Poseidon for Go, Medusa for Python, etc.) and uses a plugin architecture for extensibility. All communication is containerized and managed through Docker. It tracks operations, manages credentials, and provides file management — a complete red team platform.

View on GitHubDocumentation

Use Cases

  • Full red team C2 operations with web UI
  • Multi-operator collaborative engagements
  • Custom agent development via plugin system
  • Operation tracking and credential management
  • Cross-platform implant deployment

Tags

c2red-teammulti-operatordockerweb-ui

Details

Category
🔥 Offensive Ops
Language
Go

Platforms

🐧linux🍎macos

Links

GitHub Repository

github.com/its-a-feature/Mythic

Documentation

docs.mythic-c2.net

Releases

github.com/its-a-feature/Mythic/releases

Issues

github.com/its-a-feature/Mythic/issues

Alternatives & Comparisons

Metasploit Framework

Ruby

The world's most used penetration testing framework. Exploit development, payload delivery, post-exploitation.

Sliver

Go

Open-source C2 framework by BishopFox. mTLS, HTTP(S), DNS, WireGuard implants with multi-operator support.

Empire

Python

Post-exploitation agent built on PowerShell and Python. Cryptologically-secure communications and flexible architecture.

More in Offensive Ops

Havoc

C/C++

Modern C2 framework. Qt-based GUI, BOF support, custom agents, and a Cobalt Strike-inspired workflow.

c2red-teamgui

Rubeus

C#

C# toolset for raw Kerberos interaction and abuse. AS-REP roasting, Kerberoasting, ticket manipulation, delegation attacks.

kerberosactive-directoryroasting

Certipy

Python

Active Directory Certificate Services (AD CS) abuse tool. Find and exploit certificate template misconfigurations.

active-directorycertificatesadcs

Coercer

Python

Automatically find and exploit Windows authentication coercion vulnerabilities. PetitPotam, PrinterBug, and more.

authentication-coercionntlm-relaypetitpotam

SharpHound

C#

Official BloodHound data collector. Enumerates Active Directory objects, sessions, ACLs, and trusts for graph analysis.

active-directoryenumerationbloodhound

BeEF

Ruby

Browser Exploitation Framework. Hook browsers via XSS, then pivot into the network using browser-based attacks.

browserxsshook