A Command & Control (C&C) system for network testing and resilience evaluation. The system is built for scalability, security, and operational efficiency.
Disclaimer: This tool is for educational and authorized security testing only. Unauthorized use is prohibited.
 |
 |
 |
 |
 |
 |
 |
 |
For API documentation, see the bottom of this readme.
An alternative PuTTY-based variant exists in a separate project. The primary differences are in communication protocols and bot management. The PuTTY variant is currently private.
- High-performance implementation built with Go for concurrent operations
- TLS 1.3 enforcement with bcrypt password hashing and JWT session management
- Role-Based Access Control (RBAC) with granular permissions
- Comprehensive Layer 4 and Layer 7 attack methods
- Real-time monitoring and diagnostics for connected bots
Operators interact with the C&C system through a secure terminal interface using the following commands.
 |
|
 |
The system uses a dual server architecture to segregate bot and operator traffic. When the API server is active, this becomes a triple architecture.
| Component | Purpose | Protocol & Port |
|---|---|---|
| Bot Listener | Manages bot connections | Custom Binary/TLS on 7002 |
| User/Admin Listener | Handles operator connections | Custom/TLS on 420 |
| API Server | Provides programmatic control | HTTPS REST API on 8080 |
- Authentication: bcrypt password hashing with constant-time comparisons
- Session Management: JWT tokens with refresh, revocation, and IP validation
- TLS: Enforces TLS 1.3 with modern cipher suites
- Resource Management: Bounded data structures prevent memory exhaustion
| Command | Description |
|---|---|
help |
Lists all available commands |
clear |
Clears the terminal screen |
bots |
Displays total connected bots |
botstatus |
Shows bot telemetry dashboard |
methods |
Lists available attack methods based on role |
gif |
Plays terminal animation from .tfx file |
| Command | Description |
|---|---|
ongoing |
Displays currently running attack |
allattacks |
Lists all active attacks on the server |
attackhistory |
Shows past attack history |
stopattack |
Terminates current attack |
users |
Lists all user accounts (Admin/Owner) |
adduser |
Creates new user account (Admin/Owner) |
deluser |
Deletes user account (Admin/Owner) |
rbac |
Manages RBAC permissions (Admin/Owner) |
!reinstall |
Commands all bots to reinstall (Owner) |
Attack commands use the format: !<method> <target> <duration> [options...]
Example: !http get https://example.com 60
Layer 4 Floods:
!udp,!udpsmart- UDP packet floods!tcp,!syn,!ack,!rst- TCP packet floods!gre- GRE packet floods
Layer 4+ (Advanced) Floods:
!vse- Valve Source Engine query flood!xmas- Christmas Tree packet flood!pps- Packets-Per-Second bypass flood!stomp- TCP Stomp flood
Amplification Attacks:
!amp- DNS Amplification
Application Layer (Layer 7) Attacks:
!http- HTTP request floods
The system blocks attacks against private, local, or reserved IP addresses.
| Role | Access Level | Capabilities |
|---|---|---|
| Owner | Full System Control | Complete system management and configuration |
| Admin | Elevated Administration | User management and method authorization |
| Pro | Advanced Operator | High-impact attack methods |
| Basic | Standard Operator | Fundamental methods (!udp, !http) |
The REST API provides programmatic control and automation.
Authentication: API Token & Secret required
Key Endpoints:
POST /api/attack- Launch attacksGET /api/bots- List connected botsGET /api/stats- Retrieve server statistics