Merlin is a cross-platform post-exploitation Command & Control (C2) framework written in Golang that utilizes HTTP/2 protocol for communication between server and agents. The framework enables operators to maintain persistent access to compromised systems through a client-server architecture. The server component acts as the command and control infrastructure, while lightweight agents are deployed on target systems to establish communication channels. Key capabilities include remote command execution on compromised hosts, file upload and download functionality for data exfiltration and tool deployment, and cross-platform compatibility supporting multiple operating systems. The HTTP/2 protocol implementation provides efficient communication with features like multiplexing and header compression. The Golang implementation offers a compiled binary approach that reduces dependencies and provides consistent performance across different platforms. The framework supports various post-exploitation activities commonly used in penetration testing and red team operations. Merlin includes agent management capabilities for handling multiple compromised systems simultaneously and provides a command-line interface for operator interaction with the C2 infrastructure.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
SharpEDRChecker scans system components to detect security products and tools.
A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.
SharpPrinter enables efficient discovery of network printers for security and management purposes.
Interactive online malware sandbox for real-time analysis and threat intelligence
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
Kali Linux is a specialized Linux distribution for cybersecurity professionals, focusing on penetration testing and security auditing.
BeEF is a specialized penetration testing tool for exploiting web browser vulnerabilities to assess security.
PyBOF is a Python library that enables in-memory loading and execution of Beacon Object Files (BOFs) with support for argument passing and function targeting.
A digital archive of the internet, allowing users to capture and browse archived web pages.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.