{"id":28392572,"url":"https://github.com/1birdo/gostress-v2","last_synced_at":"2026-03-07T11:31:25.183Z","repository":{"id":288789092,"uuid":"968782646","full_name":"1Birdo/Gostress-V2","owner":"1Birdo","description":"GostressV2: Just a simpler more chill, non-Tor version","archived":false,"fork":false,"pushed_at":"2025-04-22T14:08:11.000Z","size":76,"stargazers_count":3,"open_issues_count":0,"forks_count":2,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-26T04:35:58.079Z","etag":null,"topics":["audited","bot","botnet","c2","command","command-control","csrf-protection","ddos","ddos-attacks","devices","https","proxy","secure","stress-testing","stressersource","tls","user-managment","webdashboard"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/1Birdo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-04-18T18:11:57.000Z","updated_at":"2025-05-07T09:22:51.000Z","dependencies_parsed_at":"2025-05-24T18:26:08.474Z","dependency_job_id":"f54c7df5-f5fd-4b5e-9e26-09b2022f2489","html_url":"https://github.com/1Birdo/Gostress-V2","commit_stats":null,"previous_names":["birdo1221/gostress-v2","1birdo/gostress-v2"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/1Birdo/Gostress-V2","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1Birdo%2FGostress-V2","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1Birdo%2FGostress-V2/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1Birdo%2FGostress-V2/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1Birdo%2FGostress-V2/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/1Birdo","download_url":"https://codeload.github.com/1Birdo/Gostress-V2/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/1Birdo%2FGostress-V2/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30212124,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-07T09:02:10.694Z","status":"ssl_error","status_checked_at":"2026-03-07T09:02:08.429Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["audited","bot","botnet","c2","command","command-control","csrf-protection","ddos","ddos-attacks","devices","https","proxy","secure","stress-testing","stressersource","tls","user-managment","webdashboard"],"created_at":"2025-05-31T13:43:44.078Z","updated_at":"2026-03-07T11:31:25.154Z","avatar_url":"https://github.com/1Birdo.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Gostress-V2 C2 Framework\n\nGostressV2: Just a simpler more chill, non-Tor version\n\n\u003e This does support Proxys like Original the [Gostress-Enhanced ](https://github.com/Birdo1221/Gostress-Enhanced)\n\n## 📌 Overview\n\nA robust command and control framework designed for authorized penetration testing and security research.\n\n- **Encrypted TLS Communication** with client agents\n- **Direct Secure Connection** with end-to-end encryption\n- **Multi-user Role-Based Access Control**\n- **Real-time Dashboard** with performance metrics\n- **Multiple Network Testing Vectors** with adaptive rate limiting\n- **Client Health Monitoring** with heartbeat system\n\nThe supplied User is `root:jDT38z7X82Ox`\n\n\u003e ⚠️ **Important**: This framework is intended solely for authorized security testing, educational purposes, and legitimate security research. Always obtain proper authorization before testing any system. Unauthorized use may violate laws and regulations.\n\n| Startup | \n|---------|\n| ![Startup](https://github.com/user-attachments/assets/b888a4cd-9694-46b5-9ef8-8d5d0e953811) | \n\n| Login | Dashboard |\n|-------|----------|\n| ![Login](https://github.com/user-attachments/assets/b7d94ab4-6786-46e2-8864-83950e7d4457) | ![Dashboard](https://github.com/user-attachments/assets/2a7da7cc-1806-458a-b80d-62b35c7d90d7) |\n\n| Users | Commands | Sys-Settings |\n|-------|----------|--------------|\n| ![Users](https://github.com/user-attachments/assets/f8511390-9367-4d4a-9338-94dc9d007b87) | ![Commands](https://github.com/user-attachments/assets/c1259bb6-cf1b-4a85-8b30-5d6f960c92e0) | ![Sys-Setting](https://github.com/user-attachments/assets/9e4f4fca-3321-4685-bfed-caec01ac999e) |\n\n## 🔥 Features\n\n### Core Architecture\n\n- **Asynchronous Design**: Non-blocking I/O for 10,000+ concurrent clients\n- **Modular Testing System**: Pluggable test modules with runtime validation\n- **Ephemeral Clients**: Auto-cleanup of stale connections\n- **HMAC Challenge-Response**: For client authentication\n\n```mermaid\nsequenceDiagram\n    Client-\u003e\u003eServer: TCP Handshake (TLS 1.3)\n    Server-\u003e\u003eClient: CHALLENGE:nonce\n    Client-\u003e\u003eServer: HMAC-SHA256(nonce)\n    Server-\u003e\u003eClient: AUTH_SUCCESS\n    loop Heartbeat\n        Client-\u003e\u003eServer: PONG (30s interval)\n    end\n```\n\n### Network Testing Capabilities\n\n| Method | Layer | Description | Max Duration |\n|--------|-------|-------------|--------------|\n| UDP Test | 4 | High-volume UDP packet testing | 3600s |\n| TCP Smart | 4 | Stateful TCP session analysis | 1800s |\n| GRE Test | 3 | Protocol examination with GRE packets | 600s |\n| HTTP Connection Test | 7 | Partial HTTP requests with keepalive | 300s |\n\n### Security Features\n\n- **Argon2id Password Hashing**: 128MB memory / 4 threads\n- **JWT Authentication**: 15-minute expiry with refresh\n- **CSRF Protection**: Per-session tokens\n- **CSP Headers**: Strict Content Security Policy\n- **IP Binding**: Optional client IP verification\n- **Forward Secrecy**: TLS 1.3 with PFS cipher suites\n\n## 🛠️ Installation\n\n### Prerequisites\n\n```bash\nsudo apt install golang-go postgresql\n```\n\n### Setup\n\nGenerate certificates:\n```bash\ngo run main.go -gencert\n```\n\nConfigure the server:\n```bash\n# Edit config.json to set binding address, ports and security settings\nnano config.json\n```\n\n## 🖥️ Dashboard Features\n\n```mermaid\npie\n    title Dashboard Components\n    \"Client Network\" : 35\n    \"Test Control\" : 30\n    \"User Management\" : 20\n    \"Analytics\" : 15\n```\n\n### Real-time Monitoring\n\n- Client geographic distribution\n- CPU/RAM utilization heatmap\n- Network throughput graphs\n- Packet loss metrics\n\n### User Roles\n\n| Role | Concurrent Tests | Methods Available | Duration Limit |\n|------|-----------------|-------------------|---------------|\n| Owner | 5 | All | 60 min |\n| Admin | 5 | No UPDATE command | 30 min |\n| Pro | 3 | Basic protocols | 10 min |\n| Basic | 1 | UDP/TCP only | 5 min |\n\n## ⚡ Quick Start\n\nStart the server:\n```bash\ngo build -o secure-c2 \u0026\u0026 ./secure-c2\n```\n\nAccess via HTTPS:\n```bash\ncurl -k https://localhost:443\n```\n\nDefault credentials:\n```\nUsername: root\nPassword: [generated during first run]\n```\n\n## 📊 Performance Metrics\n\n```mermaid\ngantt\n    title Test Lifecycle\n    dateFormat  HH:mm:ss\n    section Client Network\n    Connection Establishment :a1, 00:00:00, 5s\n    Challenge Response      :a2, after a1, 3s\n    section Test\n    Command Propagation     :a3, 00:00:08, 2s\n    Traffic Generation      :a4, after a3, 30s\n```\n\n- Throughput: 1.2M packets/sec per client\n- Latency: \u003c100ms command propagation (direct connection)\n- Scalability: Tested with 5,000 concurrent clients\n\n## 🔐 Enhanced Security Options\n\n### Network Security Configuration\n\n- **IP Allowlisting**: Restrict client connections by IP range\n- **Connection Rate Limiting**: Prevent brute force attempts\n- **TLS Certificate Pinning**: For verified client connections\n- **Optional VPN Integration**: For additional security layer\n\n### Defensive Measures\n\n```mermaid\ngraph LR\n    A[Incoming Request] --\u003e B{Rate Limited?}\n    B --\u003e|No| C[HMAC Validation]\n    B --\u003e|Yes| D[Drop Connection]\n    C --\u003e E[Command Whitelist Check]\n    E --\u003e F[Execute Command]\n```\n\n## 🚨 Legal \u0026 Ethical Considerations\n\nThis tool is provided for **educational and authorized security testing purposes only**. It is your responsibility to:\n\n1. Obtain proper authorization before testing any system\n2. Comply with all applicable laws and regulations\n3. Use this tool only in environments you own or have explicit permission to test\n4. Understand that the developers assume no liability for misuse\n\n## 📜 License\n\nGNU General Public License v3.0\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F1birdo%2Fgostress-v2","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F1birdo%2Fgostress-v2","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F1birdo%2Fgostress-v2/lists"}