-
Notifications
You must be signed in to change notification settings - Fork 803
Home
Russel Van Tuyl edited this page Nov 22, 2017
·
13 revisions
Merlin is a post-exploit Command & Control (C2) tool, also known as a Remote Access Tool (RAT), that communicates using the HTTP/2 protocol. This tool was the result of my work evaluating HTTP/2 in a paper titled Practical Approach to Detecting and Preventing Web Application Attacks over HTTP/2. Merlin is also my first attempts at learning Golang.
This tool is intended to be used during research and authorized testing.
One aim of the tool is to provide evasion capabilities by leveraging the HTTP/2 protocol. Because the protocol is not understood by many technologies, it should more easily bypass inspection or detection activities.