Dnscat2
A DNS-based encrypted command-and-control (C&C) tunnel for secure communication and data exfiltration.
What is Dnscat2?
dnscat2 is a DNS tunneling tool that creates an encrypted command-and-control channel over the DNS protocol. It allows secure communication and data exfiltration from compromised or restricted networks by disguising traffic as legitimate DNS queries and responses. The tool is specifically designed for penetration testing and secure remote access scenarios.
Security professionals, penetration testers, and red team operators who need to establish covert communication channels in restricted network environments. It is also useful for researchers studying network security and DNS-based tunneling techniques.
Developers choose dnscat2 for its strong default encryption, ability to bypass firewalls using DNS, and flexible deployment options. Unlike generic tunneling tools, it is optimized for command and control with features like session management, shell access, and port forwarding.
Overview
dnscat2 is a tool designed to create an encrypted command-and-control (C&C) channel over the DNS protocol. It enables secure communication and data tunneling out of restricted networks by leveraging DNS queries and responses, making it effective for penetration testing and secure remote access.
Key Features
- Encrypted Communication — All traffic is encrypted by default using ECDH key exchange, Salsa20 encryption, and SHA3 signatures.
- DNS Protocol Tunneling — Uses DNS queries/responses to bypass firewalls and network restrictions, appearing as normal DNS traffic.
- Flexible Deployment — Supports both authoritative DNS server traversal (stealthy) and direct UDP connections (faster).
- Session Management — Provides an interactive console with multiple windows for managing clients, shells, and tunnels.
- Data Tunneling — Can tunnel any data, including file transfers, shell sessions, and TCP connections (via port forwarding).
- Cross-Platform Client — The client is written in C with minimal dependencies, running on Linux, Windows, FreeBSD, and macOS.
Philosophy
dnscat2 is purpose-built for command and control, prioritizing encryption and flexibility over generic internet tunneling. It treats DNS as a transport layer, enabling robust, protocol-agnostic data exchange.
Related Projects
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.
