Merlin is a cross-platform post-exploitation Command & Control (C2) framework written in Golang that utilizes HTTP/2 protocol for communication between server and agents. The framework enables operators to maintain persistent access to compromised systems through a client-server architecture. The server component acts as the command and control infrastructure, while lightweight agents are deployed on target systems to establish communication channels. Key capabilities include remote command execution on compromised hosts, file upload and download functionality for data exfiltration and tool deployment, and cross-platform compatibility supporting multiple operating systems. The HTTP/2 protocol implementation provides efficient communication with features like multiplexing and header compression. The Golang implementation offers a compiled binary approach that reduces dependencies and provides consistent performance across different platforms. The framework supports various post-exploitation activities commonly used in penetration testing and red team operations. Merlin includes agent management capabilities for handling multiple compromised systems simultaneously and provides a command-line interface for operator interaction with the C2 infrastructure.