Skip to content

Roadmap

This is a living document. Nothing here is a commitment.


v0.1 - The Fragrant Flower Blooms With Dignity

Section titled “v0.1 - The Fragrant Flower Blooms With Dignity ✓”
Core / Framework - 7 done
  • Full Havoc -> Mugen rebrand - manga theme, name, Python module
  • Themes - Mugen (sakura pink) + Havoc Classic (Dracula), switchable from navbar, persisted via QSettings
  • Agent ID prefixes - DN-XXXXXXXX for Demon, TU-XXXXXXXX for Tengu
  • make rebuild - recompile teamserver + client without wiping cmake cache
  • DEADBEEF magic bytes randomization - unique value per server instance
  • djb2 HASH_KEY randomization - unique value per payload build
  • DLL export function name randomization - replaces the static Start signature per build
Tengu - Linux agent - 28 done
  • HTTP/HTTPS C2, configurable sleep + jitter, configurable User-Agent
  • Base commands: shell, sleep, exit, pwd, ls, cd, cat, download, upload, mkdir, rm, cp, chmod
  • Process management: ps, kill
  • Identity: whoami (uid/euid, groups, capabilities, sudo, TTY), id, env
  • Network recon: netstat, arp, route, ifconfig - parsed from /proc, no external binary
  • Port scanner - TCP connect scan, IP or CIDR, 64 parallel connections
  • Credential harvester - SSH keys, cloud tokens (AWS/GCP/Azure), shell history, git, docker, kube, shadow (harvest)
  • Process memory scan - /proc/<pid>/mem without ptrace, credential pattern matching (procdump)
  • Keylogger - evdev raw input + X11 fallback, no external binary (keylog)
  • In-memory ELF execution - memfd_create, zero disk writes (memfd)
  • Persistence: persist cron, persist systemd, persist bash
  • Screenshot: X11 (scrot), Wayland (grim), ImageMagick (import)
  • SOCKS5 proxy over C2 channel
  • Reverse port forward - rportfwd add/rm/list, bidirectional relay without SOCKS5
  • ELF BOF loader - x86_64 in-process execution with full BeaconAPI; trampoline support for PLT32 relocations outside 32-bit range (inline-execute / bof)
  • info - local session metadata, no round-trip
  • help - tabular command list
  • DNS C2 transport - TXT record polling, base32-encoded frames in QNAME labels
  • DoH C2 transport - DNS-over-HTTPS POST /dns-query
  • TCP transport - outbound TCP, cross-platform pivoting (Windows Demon -> Linux Tengu)
  • ChaCha20 application-layer encryption - all frames encrypted post-INIT on all transports
  • Kill date + working hours - configured at payload build time
  • Explorer UI - process list + file explorer in Qt client
  • Live privilege escalation detection - whoami updates euid-based username in session table and graph in real-time
  • Proxy support - HTTP/SOCKS5 at build time, HTTP_PROXY/HTTPS_PROXY env var fallback, NTLM/Basic auth
  • Sleep obfuscation - XOR-encrypts agent code pages (PROT_NONE) during sleep, decrypts via helper thread with pre-resolved libc pointers
  • String obfuscation - per-build XOR key, pre-encrypted string constants injected at compile time via SXOR macro
  • Privilege escalation recon - SUID/SGID scan, sudo -l, writable PATH dirs, processes with non-zero capabilities (privesc)
Client UI - 10 done
  • Manga dark theme (sakura pink) + Havoc Classic (Dracula) - switchable, persisted
  • Dashboard - 4 stat cards (live/dead/total), last 8 credentials, last 8 downloads
  • Session table with live health countdown (color-coded green/yellow/red)
  • Console search (Ctrl+F) - highlight, navigation, match counter, Escape to close
  • Session table query filter - space-separated tokens, named fields (type:TU health:live user:root)
  • Session notes & tags - free-form annotations, tag column in session table, SQLite persistence
  • Loot Manager - screenshots with inline viewer (zoom, fit, save), downloads, credentials
  • Map view - world map with geolocated agents, live (pink) / dead (grey) dots
  • Desktop notifications on agent check-in (tray icon + toast)
  • Session graph edge labels - links display ListenerName [TYPE] for C2 edges and pivot for SMB pivot edges
Python API - 7 done
  • import mugen - full HavocFramework/Modules compatibility (import havoc also works)
  • RegisterTenguCommand - Python commands scoped to Tengu sessions
  • RegisterCommand(agent="Tengu") - alternative registration syntax
  • Packer globally available without import
  • mugen.AddCredential() - log credentials from scripts into the Loot Manager
  • Module auto-loader - all .py from ~/.mugen/modules/ loaded at startup
  • Proxy support - HTTP_PROXY/HTTPS_PROXY env awareness, NTLM proxy auth (Demon + Tengu)
Teamserver - 4 done
  • HTTP/HTTPS listeners
  • DNS listener
  • DoH listener
  • TCP listener (cross-platform pivoting)

v0.2 - general improvements + network evasion

Section titled “v0.2 - general improvements + network evasion”
Network evasion
  • Malleable C2 profile for Tengu - configurable HTTP headers, URIs, user-agent per profile
  • JA3/JA3S fingerprint randomization - rotate TLS client hello parameters
  • Domain fronting - Host: header override per profile (Demon + Tengu)
Tengu
  • ELF BOF toolkit - Linux equivalents of SituationalAwareness BOFs
  • Lateral movement - SSH key harvesting + spray, pivot over existing SSH session
  • Container awareness - cgroup namespace detection, Docker socket, escape primitives
  • Advanced persistence - LD_PRELOAD, /etc/profile.d
Demon
  • Sleep callback obfuscation - mask the call stack during sleep via timer callbacks (Foliage/Cronos style) instead of thread suspension
  • ChaCha20 application-layer encryption - encrypt Demon frames before sending on all transports, matching Tengu
  • In-memory .NET assembly execution - execute-assembly style, fork-and-run in a sacrificial process, output via named pipe
  • PIC shellcode conversion - full position-independent shellcode format, no import table (inspired by Jhin)
  • Crystal Palace loader integration - callstack spoofing + indirect syscalls as a swappable evasion layer, decoupled from the Demon core
  • Module stomping - overwrite the .text section of a legitimate DLL instead of allocating RWX memory
  • Stack spoofing - synthetic call stack during sleep via fibers or CFG bypass
  • ETW provider unhooking (per-provider)
  • Heap encryption during sleep
  • Threadless injection
  • Custom reflective loader
  • Improved PPID spoofing - inherit handles and env in addition to parent process
  • Token vault improvements - privilege-based filtering, auto-impersonate at spawn
Python API
  • mugen.AgentInfo(agent_id) - full session metadata to scripts
  • mugen.OnTaskComplete(agent_id, callback) - callback on task completion
  • mugen.AddContextMenu(label, handler) - right-click entries from scripts
  • Linux module collection - SituationalAwareness, persistence, privesc via Tengu BOF API
Client UI
  • Split console view - two agent consoles side by side
  • Session table column customization - hide/reorder columns, persist layout
  • Payload builder UX - live config preview, one-liner copy-paste generator
  • Certificate pin viewer - display teamserver TLS fingerprint in the connection dialog
Teamserver
  • REST API - authenticated HTTP API for external tooling (BloodHound, SIEM, custom dashboards)
  • Webhook notifications - POST on check-in, task complete, error (Slack, Teams, custom)
  • Audit log - structured persistent log of all operator commands and agent responses
  • Redirector support - auto-generate nginx/Apache rewrite rules
  • Multi-profile listeners - multiple HTTP/HTTPS listeners with different C2 profiles simultaneously
  • Let’s Encrypt integration

New agents
  • macOS agent - Mach-O implant in C/ObjC, launchd persistence, Keychain access
  • Cross-platform shellcode stager (~1KB HTTP stager for Linux and macOS)
Go API
  • Drop Python API - full deprecation of the mugen Python module
  • Go module API - compiled .so plugins loaded dynamically by the teamserver
  • External agent SDK - documented protocol + Go library
Infrastructure
  • Docker packaging - docker-compose up to start a full teamserver + redirector stack
  • One-line install script (Debian/Ubuntu/Arch/Kali)
  • CI/CD pipeline - GitHub Actions build + tests

Havoc’s open-source repository was archived on February 20, 2026. C5pider’s commercial successor is priced at $4,000 USD/license/year with a 3-license minimum.

Capability Havoc Professional Mugen
Windows agent Kaine (fully PIC) Demon
Linux agent Kaine Linux (x86_64, AArch64) Tengu (x86_64)
HTTP/HTTPS C2 yes yes
DNS / DoH C2 yes yes
TCP pivot transport yes yes
Application-layer encryption yes yes (ChaCha20)
BOF execution yes (sync + async) yes (sync)
Reverse port forward yes yes
SOCKS5 proxy yes yes
In-memory ELF execution - yes (memfd)
Credential harvesting - yes (harvest, procdump, keylog)
Port scanner - yes
Privilege escalation recon - yes (privesc)
Sleep obfuscation (Linux) - yes (code page encryption)
Proxy support yes yes (HTTP/SOCKS5, NTLM)
Loot manager - yes
Session notes & tags - yes
Map view - yes
Dashboard - yes
Query filter - yes
Python API yes yes
LSASS dump yes planned
Browser credential dump yes planned
Price $12,000+/year free (GPL-3.0)

Version Name Status
v0.1 The Fragrant Flower Blooms With Dignity Released
v0.2 TBD In progress
v0.3 TBD Planned