Fourth step in setting up C2 environment. Using socat as front to Covenant. Command and Control my way. @c2_matrix #Covenant #pentest #pentesting #redteam #infosec

It is time for part 4 in this series to set up a Command and Control, and this time I am trying out C2 server Covenant. You can go and read about Covenant here

A picture says more than 1000 words so lets start with that!


Short list

install kali
apt-get update
apt full-upgrade
systemctl enable ssh
systemctl start ssh


After installation of kali it is time to install stuff that will the server to get enabled for Covenant! We will start with som stuff

sudo snap install dotnet-sdk --classic --channel=3.1

apt-get install git


Covenant installation

git clone –recurse-submodules

We have now got everything installed to get this C2 server up and running.

Go to the directory of Covenant/Covenant


dotnet run

If you get below error, it is solved by exporting this:

server error

After the export we run the command again!

The server is up and running. If you want to use lower ports like 80 or 443 you need to run this as root.

Running Server

Go to a browser on the machine and access and try

Covenant Web

Login screen


Press the Listeners meny on the left.

It is time to create a listener for our C2 server. Press Create.


Fill in your information. That is right for you.


Then it is time to create Launcher that will connect to our C2 server. On the left meny press Launchers and the press powershell.

Powershell Launcher 1
Lanuncher 2

Then run the powershell command on the victim.

When you have run one of the command from above. The client will pop up in web gui under Grunts


Press the name to interact with the victim


Under task you predefined task that you can run


The result from task is whoami

Result of task

New listener for https and external access thru Socat


Configure the https listerner with certificate. If you have a wildcard cert like me from lets encrypt lets create a certificate for the https listener.

openssl pkcs12 -export -out -inkey -in

Then we create the listener like this

We have now tried the basics with this C2 application called Covenant!

If you like gui of a C2 this will be a really nice one for you.

This was all for now!

Keep hacking!



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at

Up ↑

%d bloggers like this: