{"id":28392575,"url":"https://github.com/1birdo/gostress-tor-v2","last_synced_at":"2026-01-27T12:37:02.972Z","repository":{"id":288788186,"uuid":"968756003","full_name":"1Birdo/Gostress-Tor-V2","owner":"1Birdo","description":"Gostress-Tor: Designed more for anonymity and hidden operations via Tor.","archived":false,"fork":false,"pushed_at":"2025-04-19T15:14:00.000Z","size":86,"stargazers_count":2,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-26T04:35:58.598Z","etag":null,"topics":["audited","bot","botnet","c2","command","command-control","csrf-protection","ddos","ddos-attacks","devices","i2p","onion","onion-services","proxy","secure","stress-testing","stressersource","tor","user-management","webdashboard"],"latest_commit_sha":null,"homepage":"https://birdo.uk","language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/1Birdo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-04-18T17:11:56.000Z","updated_at":"2025-06-02T19:21:32.000Z","dependencies_parsed_at":null,"dependency_job_id":"499c97b6-7e13-413e-95b3-79d17ac0ba2d","html_url":"https://github.com/1Birdo/Gostress-Tor-V2","commit_stats":null,"previous_names":["birdo1221/gostress-tor-v2","1birdo/gostress-tor-v2"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/1Birdo/Gostress-Tor-V2","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1Birdo%2FGostress-Tor-V2","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1Birdo%2FGostress-Tor-V2/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1Birdo%2FGostress-Tor-V2/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1Birdo%2FGostress-Tor-V2/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/1Birdo","download_url":"https://codeload.github.com/1Birdo/Gostress-Tor-V2/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1Birdo%2FGostress-Tor-V2/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28813215,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-27T12:25:15.069Z","status":"ssl_error","status_checked_at":"2026-01-27T12:25:05.297Z","response_time":168,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["audited","bot","botnet","c2","command","command-control","csrf-protection","ddos","ddos-attacks","devices","i2p","onion","onion-services","proxy","secure","stress-testing","stressersource","tor","user-management","webdashboard"],"created_at":"2025-05-31T13:43:45.383Z","updated_at":"2026-01-27T12:37:02.957Z","avatar_url":"https://github.com/1Birdo.png","language":"HTML","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Tor C2 Framework\n\n* Tor C2 Framework with Tor Support* + Bot / CLient \n\n## 📌 Overview\n\n\u003e This does not require or support proxies by default. However, you can configure a proxy for the bot to connect through and then route all traffic through Tor to reach the domain. This adds an extra layer of anonymity, while also protecting the server's infrastructure from being directly exposed.\n\u003e \n\u003e  On the downside, it introduces slower connection times, potential instability due to Tor exit node changes, and added complexity during setup and debugging. It may also cause some services to block traffic or flag it as suspicious. So while it enhances privacy and makes tracking harder, it also comes with trade-offs in terms of performance and reliability.\n\n- **Encrypted TLS Communication** with client agents\n- **Tor Hidden Service** integration for anonymous operation\n- **Multi-user Role-Based Access Control**\n- **Real-time Dashboard** with performance metrics\n- **Multiple Network Testing Vectors** with adaptive rate limiting\n- **Client Health Monitoring** with heartbeat system\n\n\u003e ⚠️ **Important**: This framework is intended solely for authorized security testing, educational purposes, and legitimate security research. Always obtain proper authorization before testing any system. Unauthorized use may violate laws and regulations.\n\n| Startup | \n|---------|\n| ![Startup](https://github.com/user-attachments/assets/9ff3101e-cea6-4a7c-8d13-af54f8c891cc) | \n\n| Login | Dashboard |\n|-------|----------|\n| ![Login](https://github.com/user-attachments/assets/26734671-aae5-4240-a7e6-ee6ed836e5f8) | ![Dashboard](https://github.com/user-attachments/assets/e7872d5c-e78b-47d8-b580-8dcf16b7a79a) |\n\n| Users | Commands | Sys-Settings |\n|-------|----------|--------------|\n| ![Users](https://github.com/user-attachments/assets/5937982b-fe99-4e0f-a859-54ff94b187cd) | ![Commands](https://github.com/user-attachments/assets/092f24e0-f332-4496-b399-2b00b76908c9) | ![Sys-Setting](https://github.com/user-attachments/assets/50c66a61-8ca4-4def-b28c-cce4e08909c4) |\n\n## 🔥 Features\n\n### Core Architecture\n\n- **Asynchronous Design**: Non-blocking I/O for 10,000+ concurrent clients\n- **Modular Testing System**: Pluggable test modules with runtime validation\n- **Ephemeral Clients**: Auto-cleanup of stale connections\n- **HMAC Challenge-Response**: For client authentication\n\n```mermaid\nsequenceDiagram\n    Client-\u003e\u003eServer: TCP Handshake (TLS 1.3)\n    Server-\u003e\u003eClient: CHALLENGE:nonce\n    Client-\u003e\u003eServer: HMAC-SHA256(nonce)\n    Server-\u003e\u003eClient: AUTH_SUCCESS\n    loop Heartbeat\n        Client-\u003e\u003eServer: PONG (30s interval)\n    end\n```\n\n### Network Testing Capabilities\n\n| Method | Layer | Description | Max Duration |\n|--------|-------|-------------|--------------|\n| UDP Test | 4 | High-volume UDP packet testing | 3600s |\n| TCP Smart | 4 | Stateful TCP session analysis | 1800s |\n| GRE Test | 3 | Protocol examination with GRE packets | 600s |\n| HTTP Connection Test | 7 | Partial HTTP requests with keepalive | 300s |\n\n### Security Features\n\n- **Argon2id Password Hashing**: 128MB memory / 4 threads\n- **JWT Authentication**: 15-minute expiry with refresh\n- **CSRF Protection**: Per-session tokens\n- **CSP Headers**: Strict Content Security Policy\n- **WebRTC Disabled**: Prevents IP leakage\n\n## 🛠️ Installation\n\n### Prerequisites\n\n```bash\nsudo apt install tor golang-go postgresql\n```\n\n### Setup\n\nGenerate certificates:\n```bash\ngo run main.go -gencert\n```\n\nConfigure Tor (automatically done by server):\n```bash\ncat \u003e /etc/tor/torrc \u003c\u003cEOF\nHiddenServiceDir /var/lib/tor/scream_service/\nHiddenServicePort 80 127.0.0.1:443\nEOF\n```\n\n## 🖥️ Dashboard Features\n\n```mermaid\npie\n    title Dashboard Components\n    \"Client Network\" : 35\n    \"Test Control\" : 30\n    \"User Management\" : 20\n    \"Analytics\" : 15\n```\n\n### Real-time Monitoring\n\n- Client geographic distribution\n- CPU/RAM utilization heatmap\n- Network throughput graphs\n- Packet loss metrics\n\n### User Roles\n\n| Role | Concurrent Tests | Methods Available | Duration Limit |\n|------|-----------------|-------------------|---------------|\n| Owner | 5 | All | 60 min |\n| Admin | 5 | No UPDATE command | 30 min |\n| Pro | 3 | Basic protocols | 10 min |\n| Basic | 1 | UDP/TCP only | 5 min |\n\n## ⚡ Quick Start\n\nStart the server:\n```bash\ngo build -o scream \u0026\u0026 ./scream \n```\n\nAccess via Tor:\n```bash\ntorify curl http://youronionaddress.onion\n```\n\nDefault credentials:\n```\nUsername: root\nPassword: [generated during first run]\n```\n\n## 📊 Performance Metrics\n\n```mermaid\ngantt\n    title Test Lifecycle\n    dateFormat  HH:mm:ss\n    section Client Network\n    Connection Establishment :a1, 00:00:00, 5s\n    Challenge Response      :a2, after a1, 3s\n    section Test\n    Command Propagation     :a3, 00:00:08, 2s\n    Traffic Generation      :a4, after a3, 30s\n```\n\n- Throughput: 1.2M packets/sec per client\n- Latency: \u003c200ms command propagation\n- Scalability: Tested with 5,000 concurrent clients\n\n## 🔒 Security Considerations\n\n### Operational Security\n\n- All traffic routed through Tor\n- Server IP never exposed to clients\n- Memory-safe implementations\n- No persistent client identifiers\n\n### Defensive Measures\n\n```mermaid\ngraph LR\n    A[Incoming Request] --\u003e B{Rate Limited?}\n    B --\u003e|No| C[HMAC Validation]\n    B --\u003e|Yes| D[Drop Connection]\n    C --\u003e E[Command Whitelist Check]\n    E --\u003e F[Execute Command]\n```\n\n## 🚨 Legal \u0026 Ethical Considerations\n\nThis tool is provided for **educational and authorized security testing purposes only**. It is your responsibility to:\n\n1. Obtain proper authorization before testing any system\n2. Comply with all applicable laws and regulations\n3. Use this tool only in environments you own or have explicit permission to test\n4. Understand that the developers assume no liability for misuse\n\n## 📜 License\n\nGNU General Public License v3.0\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F1birdo%2Fgostress-tor-v2","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F1birdo%2Fgostress-tor-v2","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F1birdo%2Fgostress-tor-v2/lists"}