Cross-platform post-exploitation HTTP Command & Control agent written in golang
This repository is a port of the Merlin agent from https://github.com/Ne0nd0g/merlin to run on the Mythic framework. This implementation uses Mythic's Default HTTP Command and Control profile
Merlin documentation can be found at https://merlin-c2.readthedocs.io/en/latest/index.html
Mythic documentation can be found at https://docs.mythic-c2.net/
To get started:
- Clone the Mythic repository
- Pull down the http C2 profile from the MythicC2Profiles organization
- Pull down the Merlin agent from the MythicAgents organization
- Start Mythic
- Navigate to https://127.0.0.1:7443 and login with a username of
mythic_admin
and password retrieved from the.env
file
This code snippet will execute most of the getting started steps:
cd ~/
git clone https://github.com/its-a-feature/Mythic
cd Mythic/
./mythic-cli install github https://github.com/MythicC2Profiles/http
./mythic-cli install github https://github.com/MythicAgents/merlin
sudo ./mythic-cli mythic start
sudo cat .env | grep MYTHIC_ADMIN_PASSWORD
This implementation of Merlin on the Mythic Framework is incomplete and is still in development. Here are some known limitations:
Feature | Status | Notes |
---|---|---|
MiniDump | Not Implemented | |
Padding | Implemented | Merlin v1.3.0 |
File Chunking | Not Implemented | |
Windows DLL | Not Implemented |