shiky8/tikc2

TikC2 is a creative but highly fragile proof-of-concept. While the idea of using TikTok as a C2 channel is a novel combination of social media exploitation and steganography, the project has zero stars, zero forks, and no active development. Its defensibility is near zero because the 'moat' consists purely of the specific automation scripts used to scrape comments and upload videos—both of which are trivial to replicate or break via TikTok's platform updates. From a competitive standpoint, it occupies a niche in the Red Teaming/security research space similar to tools like Slackor (Slack C2) or GOSC2 (Google Sheets C2), but it is significantly less mature. The 'platform_domination_risk' is rated high not because a frontier lab would build this, but because TikTok (ByteDance) can trivially neutralize this entire project by updating their bot detection or comment moderation algorithms. As an exfiltration method, generating and uploading a video for every command output is extremely inefficient and slow, making it more of a technical curiosity than a viable long-term tool for sophisticated actors.