Merlin Logo

Merlin

0
Free
Visit Website

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, allowing for efficient and secure communication between the server and agents. It provides a robust and flexible framework for post-exploitation activities, enabling users to execute commands, upload and download files, and perform other tasks on compromised systems. Merlin's HTTP/2 protocol support ensures efficient and reliable communication, while its Golang implementation provides a lightweight and scalable solution for command and control operations.

FEATURES

ALTERNATIVES

A tool to dump login passwords from Linux desktop users, leveraging cleartext credentials in memory.

Skyhook facilitates obfuscated HTTP file transfers to bypass IDS detections, enhancing secure data exchange.

CredMaster enhances password spraying tactics with IP rotation to maintain anonymity and efficiency.

A tool for testing Cross Site Scripting vulnerabilities

A tool for recursively querying webservers

A Live CD and Live USB for penetration testing and security assessment

Sublist3r is a python tool for enumerating subdomains using OSINT and various search engines.

An exploration of a new method to abuse DCOM for remote payload execution and lateral movement.

PINNED