Bifrost C2 Post-exploitation using Discord API
Bifrost C2 Post-exploitation using Discord API

Bifrost: C2 Post-exploitation using Discord API

Bifrost is an open-source Discord BOT that works as Command and Control (C2). This C2 uses Discord API for communication between clients and server.

Developed with Python, this C2 have multiples features for post-exploitation.

How Bifrost works?

As mentioned before, Bifrost is basically a discord bot that receive commands from the Discord user and do a pre-defined task.

So for every client that you are going to “infect”, you will send a copy of this discord bot, and it will respond to you using discord. This allows you to hide behind Discord service being stealth and have a secure connection between you and your client.



This project should be used for authorized testing or educational purposes only.


Bifrost is currently detected by Windows defender, I’m already trying to solve this “problem”, and bypass it again.

Virustotal detection was 5/67 when there was none defense against sandbox execution.

Antivirus that detected Bifrost as malicious was SecureAge APEXJiangminCynetZillya and Palo Alto Networks

Bifrost Features

  •  Multiple clients.
  •  Multi-platform support.
  •  Keylogger.
  •  Antivirus enumeration.
  •  Real-time communication.
  •  Encrypted(HTTPS) communication.
  •  Fast and stealth communication trough Discord API.
  •  No need of public service.
  •  Screenshot gathering.
  •  Download and upload of files.


Bifrost is an open project, so, if you want to add some functionality, improve features or code performance in Bifrost, the best way to get it to the main project is to create a fork and open pull request.


1 – Clone or download Bifrost source code;

2 – Install lib dependencies;

pip install -r requirements.txt

3 – Have Discord account;

4 – Create an application (Bot) on Discord;

5 – Go to General information tab and copy your Application ID;


6 – Go to Bot tab, create the Bot and copy it’s token

7 – Invite your bot to your discord server by filling up the following link with your application ID;<APP_ID>&scope=bot&permissions=8

8 – Now create a channel in your Discord server and copy its ID;

Obs.: Activate developers function in your discord app to copy channel ID easily.

Now with those 2 information (channel ID and Bot Token), change the var values on 22 and 23 lines in file to your account/channel values.

Client Installation

After creating your bot, channel and changing the variable values, follow the steps bellow to deploy the payload to your client


Create an bifrost executable file using pyinstaller, or sending to client and installing all dependencies.

Using the executable file, the client don’t need to have python or any dependencies pre-installed.

pyinstaller --onefile --noconsole --key th3r4ven_bifrost


python -m pyinstaller --onefile --noconsole --key th3r4ven_bifrost

OBS.: All of this params are optional, read pyinstaller documentation for more information on how to use it.

Linux\Mac OS

You can send the and install the dependencies, or create and script/executable to automate this process, similar to windows installation

To do

  • Persistence feature
  • Bind shell connection
  • Stealth Download
  • Upload big files anonymously
  • Live/recorded voice streaming
  • Fix Bugs/Issues
  • In memory execution

Screen live stream is not possible trough Discord API 🙁


New victim connect by Bifrost
New victim connect by Bifrost
System information by Bifrost
System information by Bifrost
Bot C2 Discord by Bifrost
Bot C2 Discord by Bifrost
Screenshot remote by Bifrost
Screenshot remote by Bifrost