Documentation Index
Fetch the complete documentation index at: https://mintlify.com/HavocFramework/Havoc/llms.txt
Use this file to discover all available pages before exploring further.
General Questions
Why does Havoc not perform sleep obfuscation when jobs are running?
Why does Havoc not perform sleep obfuscation when jobs are running?
Jobs are ran in their own threads, and sleep obfuscation requires that all threads are suspended in order to encrypt the heap, otherwise the process would crash.
Sleep obfuscation will only occur when there are no job threads in a running state. Long-running jobs will prevent sleep obfuscation from occurring at the specified sleep interval.
What platforms does Havoc support?
What platforms does Havoc support?
Havoc works well on Debian 10/11, Ubuntu 20.04/22.04 and Kali Linux. It’s recommended to use the latest versions possible to avoid issues.You’ll need:
- A modern version of Qt
- Python 3.10.x
The Client is cross-platform and written in C++ and Qt, so it can run on Windows, Linux, and macOS.
What agent architectures are currently supported?
What agent architectures are currently supported?
Currently, only x64 EXE/DLL formats are supported for the Demon agent.The Demon agent is Havoc’s flagship agent written in C and ASM with support for:
- Sleep obfuscation techniques (Ekko, Ziliean, FOLIAGE)
- x64 return address spoofing
- Indirect syscalls for Nt* APIs
What listener types are supported?
What listener types are supported?
Currently, only HTTP/HTTPS listeners are supported.The listeners support extensive customization through profiles including:
- Custom headers
- User agents
- URIs
- Kill dates
- Working hours
Can I create custom agents for Havoc?
Can I create custom agents for Havoc?
Yes! Havoc supports custom, third-party agents using the Service API and Python API.An example custom agent called Talon is available as a reference implementation.
Custom agents connect to the Teamserver using Service endpoints defined in the teamserver profile.
How do I extend Havoc's functionality?
How do I extend Havoc's functionality?
Havoc can be extended through several methods:
- Modules - Load additional functionality into the framework
- Official modules: Havoc Modules Repository
- Python API - Automate and extend capabilities
- Documentation: havoc-py
- Custom Agents - Build your own agents using the Service API
- Example: Talon Agent
- External C2 - Integrate with external command and control infrastructure
Is Havoc designed to evade detection?
Is Havoc designed to evade detection?
Havoc gives operators the capability to add custom features or modules that evade their target’s detection system. Please do not open issues regarding detection.
Does Havoc support multiplayer operations?
Does Havoc support multiplayer operations?
Yes! The Teamserver supports multiple operators connecting simultaneously. Multiple users can be configured in the teamserver profile using the
Operators directive.Community & Support
Where can I get help with Havoc?
Where can I get help with Havoc?
- Discord: Join the official Havoc Discord
- Wiki: Check the GitHub Wiki
- Issues: Review open and closed issues
- Documentation: Visit the official documentation