{"id":13775694,"url":"https://github.com/infosecn1nja/ycsm","last_synced_at":"2025-04-07T02:33:42.622Z","repository":{"id":128792126,"uuid":"170980131","full_name":"infosecn1nja/ycsm","owner":"infosecn1nja","description":"This is a quick script installation for resilient redirector using nginx reverse proxy and letsencrypt compatible with some popular Post-Ex Tools (Cobalt Strike, Empire, Metasploit, PoshC2).","archived":false,"fork":false,"pushed_at":"2019-07-02T07:32:52.000Z","size":83,"stargazers_count":83,"open_issues_count":2,"forks_count":36,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-03-22T10:42:39.313Z","etag":null,"topics":["infrastructure","nginx","nginx-reverse-proxy","red-team","redirector","staging"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/infosecn1nja.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"security/block-ip.conf","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2019-02-16T08:22:46.000Z","updated_at":"2025-03-03T18:54:11.000Z","dependencies_parsed_at":"2023-03-21T15:08:49.208Z","dependency_job_id":null,"html_url":"https://github.com/infosecn1nja/ycsm","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/infosecn1nja%2Fycsm","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/infosecn1nja%2Fycsm/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/infosecn1nja%2Fycsm/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/infosecn1nja%2Fycsm/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/infosecn1nja","download_url":"https://codeload.github.com/infosecn1nja/ycsm/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247583110,"owners_count":20961970,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["infrastructure","nginx","nginx-reverse-proxy","red-team","redirector","staging"],"created_at":"2024-08-03T17:01:46.350Z","updated_at":"2025-04-07T02:33:37.605Z","avatar_url":"https://github.com/infosecn1nja.png","language":"Shell","funding_links":[],"categories":["\u003ca id=\"9e3a9beb5ecf36b9624525bc3cfef78a\"\u003e\u003c/a\u003e工具","\u003ca id=\"6e80463404d46f0493cf6e84597e4b5c\"\u003e\u003c/a\u003e工具"],"sub_categories":["\u003ca id=\"964a3580a7a7f66571ee1d2c0f34f2d6\"\u003e\u003c/a\u003e新添加","\u003ca id=\"e99ba5f3de02f68412b13ca718a0afb6\"\u003e\u003c/a\u003eTor\u0026\u0026\u0026Onion\u0026\u0026洋葱"],"readme":"# You Can't See Me (YCSM)\n\nThis is a quick script installation for resilient redirector using nginx reverse proxy and letsencrypt compatible with some popular RATS (Cobalt Strike, Empire, Metasploit).\n\nIf HTTPS was selected, it will automatically setup letsencrypt certbot and obtain valid letsencrypt SSL certificates for your redirector domain name, and start nginx using the generated configuration. Using redirector an added benefit of using a separate host if domain is burned, real IP of C2 will still be useable. \n\n## Features\n* Evade Vendor Sandboxes.\n* Block Shodan Access.\n* Block Vulnerability Scanners \u0026 Bots.\n* Auto SSL setup for HTTPS using letsencrypt certbot.\n* Adds original source ip to user-agent header for easy tracking.\n* Auto-Renew for Let's Encrypt SSL Certificates.\n* Nginx Hardening Servers with Fail2Ban.\n* Block Accessing Redirector From Mobile.\n* JQuery profiling users inspired by APT29 useful to sniff tier 1 SOC (https://github.com/samsayen/JQueryingU).\n\n## Getting Started\n```\ngit clone https://github.com/infosecn1nja/ycsm\ncd ycsm\nchmod +x ycsm-setup.sh\n\n1) Setup Nginx Redirector\n2) Check Status\n3) Blocking Shodan\n4) Configure Fail2Ban\n5) Quit\n\n  YCSM - Select an Option:\n```\n\n## Resources\n* [Cobalt Strike Team Server Population Study](https://blog.cobaltstrike.com/2019/02/19/cobalt-strike-team-server-population-study/)\n* [Red Team Infrastructure Wiki](https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finfosecn1nja%2Fycsm","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Finfosecn1nja%2Fycsm","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finfosecn1nja%2Fycsm/lists"}