Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/HavocFramework/Havoc/llms.txt

Use this file to discover all available pages before exploring further.

Havoc Framework

A modern and malleable post-exploitation command and control framework for red team operations. Built with flexibility, extensibility, and stealth in mind.

Get startedLearn the basicsView on GitHub

Get started in minutes

Follow these steps to set up your Havoc Framework environment

1

Install dependencies

Install the required dependencies for your operating system. Havoc works best on Debian 10/11, Ubuntu 20.04/22.04, and Kali Linux.
Ubuntu/Debian
sudo apt install -y git build-essential cmake libfontconfig1 libglu1-mesa-dev \
  libgtest-dev libspdlog-dev libboost-all-dev libncurses5-dev libgdbm-dev \
  libssl-dev libreadline-dev libffi-dev libsqlite3-dev libbz2-dev qtbase5-dev \
  qtchooser qt5-qmake qtbase5-dev-tools libqt5websockets5 libqt5websockets5-dev \
  qtdeclarative5-dev golang-go python3.10 python3.10-dev mingw-w64 nasm
2

Clone and build

Clone the Havoc repository and build both the teamserver and client.
git clone https://github.com/HavocFramework/Havoc.git
cd Havoc

# Build teamserver
make ts-build

# Build client
make client-build
3

Start the teamserver

Launch the teamserver with your profile configuration. The teamserver handles listeners, payload generation, and client connections.
sudo ./havoc server --profile ./profiles/havoc.yaotl -v --debug
The teamserver will listen on port 40056 by default. You can customize this in the profile configuration.
4

Connect with the client

Start the Havoc client and connect to your running teamserver.
./havoc client
Enter your teamserver connection details (host, port, username, and password) in the profile window.
5

Create a listener and generate a payload

From the client, navigate to ViewListeners to create an HTTP/HTTPS listener. Then go to AttackPayload to generate your first Demon agent.
Configure your Demon agent with:
  • Listener: Select your HTTP/HTTPS listener
  • Format: EXE, DLL, or Shellcode
  • Architecture: x64 (x86 support coming soon)
  • Sleep: 2 seconds (customizable)
  • Jitter: 15% (adds randomness to sleep intervals)

Explore by topic

Dive deeper into Havoc’s capabilities and architecture

Core concepts

Understand the architecture, teamserver, client, and profile system

Demon agent

Explore the flagship agent with sleep obfuscation and indirect syscalls

Listeners

Configure HTTP/HTTPS and SMB listeners for agent communication

Commands

Master the built-in commands for process, token, and job management

Extensibility

Extend Havoc with custom agents, modules, and the Python API

Advanced techniques

Learn about indirect syscalls, sleep obfuscation, and evasion techniques

Key features

What makes Havoc Framework powerful for red team operations

Sleep obfuscation

Multiple sleep obfuscation techniques including Ekko, Zilean, and FOLIAGE to evade memory scanners during agent sleep cycles.

Indirect syscalls

Execute NT APIs via indirect syscalls with return address spoofing to evade EDR instrumentation callbacks.

Multiplayer support

Multiple operators can connect to the same teamserver simultaneously, enabling collaborative red team operations.

Customizable profiles

Configure every aspect of your C2 infrastructure using YAOTL profiles, from HTTP headers to sleep behavior.

Token vault

Steal, store, and impersonate access tokens from running processes for privilege escalation and lateral movement.

Extensible architecture

Extend functionality with custom agents, modules, External C2, and a Python API for automation and integration.

Community and support

Join the Havoc community and get help from other operators

Discord community

Join our Discord server to chat with the community and get support

GitHub discussions

Ask questions and share ideas in GitHub discussions

Report issues

Found a bug? Report it on our GitHub issues page

Contributing

Learn how to contribute to Havoc Framework

Ready to get started?

Install Havoc Framework and start building your red team infrastructure today.

Installation guideQuickstart