https://github.com/threadlinee/redteamc2
Work in progress
- Host: GitHub
- URL: https://github.com/threadlinee/redteamc2
- Owner: Threadlinee
- License: other
- Created: 2025-06-29T12:16:52.000Z (7 months ago)
- Default Branch: main
- Last Pushed: 2025-06-29T22:39:43.000Z (7 months ago)
- Last Synced: 2025-06-29T23:26:06.933Z (7 months ago)
- Language: HTML
- Homepage:
- Size: 2.01 MB
- Stars: 1
- Watchers: 0
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# RedTeamC2
## ✅ Tech Stack Summary
| Component | Description |
|------------------|------------------------------------------------------------------|
| **C# Agent** | Lightweight, stealthy implant for Windows |
| **Python Server**| Flask + SocketIO for real-time tasking and agent handling |
| **Encryption** | TLS + AES (custom protocol on top of HTTPS) |
| **SOCKS Proxy** | Pivot via infected host to reach internal targets |
| **File/Command** | Upload/download files, execute commands, capture screenshots |
| **Web UI** | Command center to monitor, control, and manage agents |
| **Staging** | Delivers DLLs or shellcode over HTTPS, injects in-memory |
---
## 🧠 Future Add-Ons (Advanced Ideas)
- **OPSEC mode:** Random jitter, HTTP user-agent rotation, domain fronting
- **EDR bypass:** AMSI bypass, inline PowerShell injection
- **Cross-platform support:** Add Python/Linux and macOS stagers
- **Transport Modules:** Add DNS, HTTP2, or custom TCP beaconing transports
- **Integration:** Export sessions to BloodHound or Covenant format
---
## 1. Red Team Command & Control (C2) Framework
**Languages:** C# (Implant/Agent) + Python (Server)
### Why?
Custom C2 frameworks give red teams flexibility over traditional tools like Cobalt Strike.
### Features
- Encrypted communication (TLS + AES)
- File upload/download, shell execution, screenshot capture
- SOCKS proxying (for pivoting)
- Built-in staging (DLL or shellcode delivery)
- Web UI (Flask or Blazor)
**✅ Pro:** Learn OPSEC, evasion, persistence
**💡 Use:**
- `System.Management.Automation`, `System.Net.Http` (C#)
- Python's `cryptography`, `Flask-SocketIO`