MeetC2 is a cross-platform C2 framework that abuses Google Calendar APIs for covert communication. It allows red and blue teams to emulate and study command-and-control techniques that hide within legitimate cloud services.
Key Features:
- Covert Communication: Uses Google Calendar API to create a hidden communication channel.
- Cross-Platform: Compatible with macOS and Linux.
- Emulation of Cloud Abuse: Demonstrates how legitimate cloud services can be abused for adversarial operations.
- Reproducible Validation: Provides a way to validate detections, logging, and third-party app governance for cloud-abuse C2.
Use Cases:
- Red Team Exercises: Simulate real-world C2 scenarios using a trusted SaaS domain.
- Blue Team Training: Train defenders to detect and respond to cloud-based C2 traffic.
- Security Research: Study the effectiveness of cloud-based C2 techniques.
- Purple Team Exercises: Validate detections, logging, and governance controls.
