https://github.com/ice-wzl/tracker
This repo is designed as an implant tracker for Red Teams. It provides a way to track the different implant versions used, in addition to where implants are deployed.
- Host: GitHub
- URL: https://github.com/ice-wzl/tracker
- Owner: ice-wzl
- License: gpl-3.0
- Created: 2024-10-26T20:03:23.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2025-01-05T17:58:37.000Z (over 1 year ago)
- Last Synced: 2025-02-08T06:17:14.935Z (over 1 year ago)
- Topics: flask-application, implant, pentest, pentest-tool, pentesting, redteam, redteam-tools, redteaming, sql
- Language: JavaScript
- Homepage:
- Size: 157 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# TRACKER

- This repo is designed for Red Teams to track their implant deployments across different engagements. It provides the ability to track locations, implant versions, target IDs, and campaign IDs. It also centralizes engagement notes, so that every Red Team operator has access to all the notes across an engagement.
## Install
- This repo should work across Linux distributions; however, it has only been tested and verified on Ubuntu 24.04.
- I recommend using a virtual environment to avoid dependency conflicts.
````
sudo apt update
# install required dependencies
sudo apt install -y pkg-config python3-dev libmysqlclient-dev build-essential
cd application/
python3 -m venv venv
source venv/bin/activate
pip3 install -r requirements.txt
# fix Werkzeug deprecation issues
pip3 install --upgrade Flask Werkzeug
pip install --upgrade mysql-connector-python
````
## Database Setup
- Install the MySQL database server
````
sudo apt install mysql-server
````
- If you're using socket authentication, connect with `sudo mysql`
- Connect to your database with `mysql -u root -p`
- Run the files in the order listed below
````
source users.sql
source DDL.sql
source procedure_functions.sql
source permissions.sql
````
## Run the application
- Once your database is set up, you can `cd application/` and run the application with:
````
python3 app.py
````
## Example Systemd service file
````
# /etc/systemd/system/tracker.service
[Unit]
Description=tracker
After=network.target
[Service]
User=www-data
Group=www-data
WorkingDirectory=/opt/tracker/application
ExecStart=/opt/tracker/application/venv/bin/python3 /opt/tracker/application/app.py
Restart=always
Environment="PATH=/opt/tracker/application/venv/bin"
Environment="VIRTUAL_ENV=/opt/tracker/application/venv"
[Install]
WantedBy=multi-user.target
````
## How to use this application
### Add Location
- Start by adding a location that your Red Team will be operating in. Input the State and the Country.

### Add Campaign
- Then create a Campaign

### Add Targets
- After creating a campaign, you can identify target hosts and add them as targets, tying them to a campaign. This will keep your targets organized and all linked to your specific Red Team campaign.
- You can name hosts in the target network either numerically or by hostname.

### Add Implants
- You can add the implants that your Red Team is using and track their versions.
- You will need to have implants added before you create an implant deployment on a target.
- For example, you can add `Sliver v5.4` and `Meterpreter 6.3`. This will assign each implant an implant ID, which you can use in the `add_deployment` page.
### Add Deployment
- This page will allow you to track deployed implants in the Red Team engagement. You will need your Campaign ID, Target ID, and Implant ID. These can be gathered from the respective pages. You can further annotate any automatic kill-date along with the Red Team operator that installed the implant.

## FAQ
1. Why did you not pull some of the JavaScript libs from a CDN and instead include them in the repo?
- I wanted to be able to run this application on a host that cannot reach the internet. This would have caused all the libs to fail to load. Many Red Teams might want to host this application on a host that is not internet accessible.
2. Where did the name come from?
- TRACKER should make your red team engagements faster and more organized.
## Bugs?
- If you find a bug, please open an Issue or submit a PR, happy to accept PRs!
## TO DO
- Add the ability to modify any data after processing except notes. Important notes are not allowed to be changed.
- Fix CSS from overflowing in notes.
- Have the notes search start collapsed; too much data.