Home

Malware Families

Covenant

Backdoor

Windows

Pen testing

Covenant

Covenant

Covenant is a .NET based command and control (C2) framework for offensive cybersecurity. Web based interface for multi user collaboration. Great for red teaming.

Key Insights

Key Insights

Covenant’s web interface allows multiple users to work together during red teaming, making team collaboration super easy.

Cross Platform

Built on ASP.NET Core, Covenant runs on Windows, Linux, and macOS. Offers cross-platform support for all your operational environments.

Advanced Features

Covenant has features for offensive security such as payload generation, implant tracking, and tasking. Great for red teaming to simulate real-world attacks.

Known Variants

Known Variants

No major variants reported but widely adapted by attackers for stealth and persistence.

No major variants reported but widely adapted by attackers for stealth and persistence.

Mitigation Strategies

Mitigation Strategies

  • Lockdown your C2 frameworks to prevent unauthorized use.

  • Monitor network traffic for C2 traffic.

  • Keep systems and tools up to date to detect and prevent threats.

  • Do security testing regularly to find and fix vulnerabilities.

Targeted Industries or Sectors

Targeted Industries or Sectors

Covenant is used in cybersecurity for red teaming and penetration testing. Used across all industries to test and improve security.

Covenant is used in cybersecurity for red teaming and penetration testing. Used across all industries to test and improve security.

Associated Threat Actors

Associated Threat Actors

While Covenant is for legitimate security testing, there is always a risk of misuse. No known threat actors have been seen using Covenant for malicious activities.

While Covenant is for legitimate security testing, there is always a risk of misuse. No known threat actors have been seen using Covenant for malicious activities.

References

    Ready to uncover malware networks?

    We can help you detect malware families and expose their hidden infrastructure blending into malicious networks and hosting providers.

    Book your Demo Today

    Banner background image

    Ready to uncover malware networks?

    We can help you detect malware families and expose their hidden infrastructure blending into malicious networks and hosting providers.

    Book your Demo Today

    Banner background image

    Ready to uncover malware networks?

    We can help you detect malware families and expose their hidden infrastructure blending into malicious networks and hosting providers.

    Book your Demo Today

    Banner background image
    Covenant C2 Framework: Offensive Cyber Tool

    Threat Hunting Platform - Hunt.io

    Products

    Web Interface

    Feeds

    Enrichment API

    Features

    AttackCapture™

    HuntSQL™

    New

    C2 Detection

    IOC Hunter

    Phishing Infrastructure

    Resources

    Change Log

    Terms & Conditions

    Privacy Policy

    Support Docs

    Malware Families

    Latest News

    GreenSpot APT Targets 163.com Users with Fake Download Pages & Spoofed Domains

    GreenSpot APT Targets 163.com Users with Fake Download Pages & Spoofed Domains

    Feb 4, 2025

    How SSL Intelligence and SSL History Can Supercharge Threat Hunting

    How SSL Intelligence and SSL History Can Supercharge Threat Hunting

    Jan 30, 2025

    SparkRAT: Server Detection, macOS Activity, and Malicious Connections

    SparkRAT: Server Detection, macOS Activity, and Malicious Connections

    Jan 28, 2025

    ©2024

    Hunt Intelligence, Inc.

    Covenant C2 Framework: Offensive Cyber Tool

    Threat Hunting Platform - Hunt.io

    Products

    Web Interface

    Feeds

    Enrichment API

    Features

    AttackCapture™

    HuntSQL™

    New

    C2 Detection

    IOC Hunter

    Phishing Infrastructure

    Resources

    Change Log

    Terms & Conditions

    Privacy Policy

    Support Docs

    Malware Families

    Latest News

    GreenSpot APT Targets 163.com Users with Fake Download Pages & Spoofed Domains

    GreenSpot APT Targets 163.com Users with Fake Download Pages & Spoofed Domains

    Feb 4, 2025

    How SSL Intelligence and SSL History Can Supercharge Threat Hunting

    How SSL Intelligence and SSL History Can Supercharge Threat Hunting

    Jan 30, 2025

    SparkRAT: Server Detection, macOS Activity, and Malicious Connections

    SparkRAT: Server Detection, macOS Activity, and Malicious Connections

    Jan 28, 2025

    ©2024

    Hunt Intelligence, Inc.

    Covenant C2 Framework: Offensive Cyber Tool

    Threat Hunting Platform - Hunt.io

    Products

    Web Interface

    Feeds

    Enrichment API

    Features

    AttackCapture™

    HuntSQL™

    New

    C2 Detection

    IOC Hunter

    Phishing Infrastructure

    Resources

    Change Log

    Terms & Conditions

    Privacy Policy

    Support Docs

    Malware Families

    Latest News

    GreenSpot APT Targets 163.com Users with Fake Download Pages & Spoofed Domains

    GreenSpot APT Targets 163.com Users with Fake Download Pages & Spoofed Domains

    Feb 4, 2025

    How SSL Intelligence and SSL History Can Supercharge Threat Hunting

    How SSL Intelligence and SSL History Can Supercharge Threat Hunting

    Jan 30, 2025

    SparkRAT: Server Detection, macOS Activity, and Malicious Connections

    SparkRAT: Server Detection, macOS Activity, and Malicious Connections

    Jan 28, 2025

    ©2024

    Hunt Intelligence, Inc.