# Havoc Framework ## Havoc Framework ![](/files/eWOQH312Tq65gZGkua9N) ## [Havoc](https://github.com/HavocFramework/Havoc#havoc) *Havoc is a modern and malleable post-exploitation command and control framework, created by* [*@C5pider*](https://twitter.com/C5pider)*.* ![](/files/bTm5Z7TpNnZULb5gKY2t) ![](/files/RQQhvBmHXoFdCiedyU4z) > ⚠️ Havoc is in an early state of release. Breaking changes may be made to APIs/core structures as the framework matures. #### [Support](https://github.com/HavocFramework/Havoc#support) Consider supporting C5pider on [Patreon](https://www.patreon.com/5pider)/[Github Sponsors](https://github.com/sponsors/Cracked5pider). Additional features are planned for supporters in the future, such as custom agents/plugins/commands/etc. #### [Quick Start](https://github.com/HavocFramework/Havoc#quick-start) > Please see the [Wiki](https://github.com/HavocFramework/Havoc/wiki) for complete documentation. Havoc works well on Debian 10/11, Ubuntu 20.04/22.04 and Kali Linux. It's recommended to use the latest versions possible to avoid issues. You'll need a modern version of Qt and Python 3.10.x to avoid build issues. See the [Installation](https://github.com/HavocFramework/Havoc/wiki#installation) guide in the Wiki for instructions. If you run into issues, check the [Known Issues](https://github.com/HavocFramework/Havoc/wiki#known-issues) page as well as the open/closed [Issues](https://github.com/HavocFramework/Havoc/issues) list. #### [Features](https://github.com/HavocFramework/Havoc#features) #### [Client](https://github.com/HavocFramework/Havoc#client) > Cross-platform UI written in C++ and Qt * Modern, dark theme based on [Dracula](https://draculatheme.com/) #### [Teamserver](https://github.com/HavocFramework/Havoc#teamserver) > Written in Golang * Multiplayer * Payload generation (exe/shellcode/dll) * HTTP/HTTPS listeners * Customizable C2 profiles * External C2 #### [Demon](https://github.com/HavocFramework/Havoc#demon) > Havoc's flagship agent written in C and ASM * Sleep Obfuscation via [Ekko](https://github.com/Cracked5pider/Ekko), Ziliean or [FOLIAGE](https://github.com/SecIdiot/FOLIAGE) * x64 return address spoofing * Indirect Syscalls for Nt\* APIs * SMB support * Token vault * Variety of built-in post-exploitation commands * Patching Amsi/Etw via Hardware breakpoints * Proxy library loading * Stack duplication during sleep. ![](/files/amaIgx0ToZ3gg5zV2E9Y) #### [Extensibility](https://github.com/HavocFramework/Havoc#extensibility) * [External C2](https://github.com/HavocFramework/Havoc/wiki#external-c2) * Custom Agent Support * [Talon](https://github.com/HavocFramework/Talon) * [Python API](https://github.com/HavocFramework/havoc-py) * [Modules](https://github.com/HavocFramework/Modules) #### [Community](https://github.com/HavocFramework/Havoc#community) You can join the official [Havoc Discord](https://discord.gg/z3PF3NRDE5) to chat with the community! #### [Contributing](https://github.com/HavocFramework/Havoc#contributing) To contribute to the Havoc Framework, please review the guidelines in [Contributing.md](https://github.com/HavocFramework/Havoc/blob/main/CONTRIBUTING.MD) and then open a pull-request! #### [Note](https://github.com/HavocFramework/Havoc#note) Please do not open any issues regarding detection. The Havoc Framework hasn't been developed to be evasive. Rather it has been designed to be as malleable & modular as possible. Giving the operator the capability to add custom features or modules that evades their targets detection system. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://book.konstantinsecurity.com/readme/pentest/red-team/c2-frameworks/havoc-framework.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.