Cadence C2 or Cadence Meridian is the next-generation cloud-based Command & Control framework designed for lawful access scenarios and black-box network penetration tests.
Advanced JA3 Fingerprinting Evasion, advanced network operational security (OPSEC), cutting edge security tool evasion techniques.
Manage all your engagements and operations from a centralized team-oriented dashboard.
AI-driven post-exploitation logs with risk assessment and intelligence reports.
Significantly cheaper than competitors. Flexible pricing plans to suit your team.
✔ Self-Hosted or Cloud-Hosted C2 with a modern user-friendly WebUI.
✔ Unparalleled network operational-security features such as first-in-class JA3/JA3S TLS fingerprint evasion.
✔ Enjoy control over all of your intelligence assets from a single dashboard with advanced access control.
Stable Reverie is the network upon which Cadence C2/Cadence Meridian is designed. It boasts impressive implant comms protocols which are designed to separate the operation from your internal infrastructure.
✔ JA3/JA3S spoofing to mimic legitimate processes during implant tasking.
✔ Steganography and encryption, tasks are hidden in benign file types.
✔ Advanced redirectors. Redirectors are designed for covert access, offering malleable options to modify communication protocols, serve benign web pages, and even perfectly mimic real websites.
✔ Malleable profiles. Redirectors act as delegates between the implant and the server, meaning that the profile for each operation can be drastically different on the backend but appear the same to the operator on the front-end.
✔ Encryption. Redirector communications are both asymmetrically (SSL/TLS) and symmetrically (256 bit AES, custom XOR implementations) encrypted for task comms and configs.
✔ Proprietary R&D in evading both usermode and kernelmode hook-based XDR/EDR detection.
✔ An unparalleled set of nine loader options, allowing operators freedom in deploying third-party modules.
✔ Poltergeist, a first of its kind (to public knowledge): a fully reflective Windows *.exe PE loader which both captures outputs and can take command-line arguments.
✔ Dozens of industry-standard evasion techniques such as foliage sleep obfuscation, Blindside, SysWhisper, Stack Spoofing, encrypted strings and configs, redirector authentication to prevent unauthorized clients, and more!
✔ Flexible build options! Are you delivering payloads via macros? Executables? An exploit which requires shellcode, or perhaps DLL-sideloading? Cadence has you covered!
✔ More proprietary R&D in advanced solutions to malware evasion techniques, a sneak peek on the "Stowaway" static-detection evasion technique coming soon!
✔ R&D into browser exploitation and 0-day development.
✔ Automated exploitation dashboard with support for Linux clients for initial foothold.
✔ Integrated phishing frameworks to serve malware for initial foothold via the redirectors.
After the next 6 quarters we intend to expand past being a post-exploitation framework and will offer options for teams looking to automate their initial foothold.
Interested? Want to learn more?