
Ziconius / Fudgec2

Licence: gpl-3.0
FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Programming Languages

python
python3
powershell

Projects that are alternatives of or similar to Fudgec2

ligolo-ng
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Stars: ✭ 418 (+118.85%)
Mutual labels:  post-exploitation, offensive-security, redteam
Thecollective
The Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-55.5%)
Mutual labels:  cybersecurity, redteam, offensive-security
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+100%)
Mutual labels:  security-tools, cybersecurity, redteam
Atomic Red Team Intelligence C2
ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
Stars: ✭ 87 (-54.45%)
Mutual labels:  redteam, post-exploitation, offensive-security
Blackmamba
C2/post-exploitation framework
Stars: ✭ 544 (+184.82%)
Mutual labels:  security-tools, post-exploitation, offensive-security
Oscp Pentest Methodologies
Assorted practical study materials for OSCP exam preparation / practical penetration-testing materials
Stars: ✭ 166 (-13.09%)
Mutual labels:  cybersecurity, redteam, post-exploitation
Black Widow
GUI based offensive penetration testing tool (Open Source)
Stars: ✭ 124 (-35.08%)
Mutual labels:  cybersecurity, offensive-security
Silenttrinity
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
Stars: ✭ 1,767 (+825.13%)
Mutual labels:  security-tools, post-exploitation
Knary
A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-2.09%)
Mutual labels:  security-tools, offensive-security
Nimscan
🚀 Fast Port Scanner 🚀
Stars: ✭ 134 (-29.84%)
Mutual labels:  security-tools, redteam
Punk.py
unix SSH post-exploitation 1337 tool
Stars: ✭ 107 (-43.98%)
Mutual labels:  post-exploitation, offensive-security
Awesome Mobile Security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+861.78%)
Mutual labels:  security-tools, redteam
Nosqlmap
Automated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+909.42%)
Mutual labels:  security-tools, offensive-security
Cypheroth
Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.
Stars: ✭ 179 (-6.28%)
Mutual labels:  cybersecurity, redteam
Defaultcreds Cheat Sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+920.42%)
Mutual labels:  cybersecurity, offensive-security
Gitlab Watchman
Monitoring GitLab for sensitive data shared publicly
Stars: ✭ 127 (-33.51%)
Mutual labels:  cybersecurity, redteam
Awesome Malware
💻⚠️ A curated collection of awesome malware, botnets, and other post-exploitation tools.
Stars: ✭ 108 (-43.46%)
Mutual labels:  cybersecurity, post-exploitation
Redteam Tactics And Techniques
Red Teaming Tactics and Techniques
Stars: ✭ 2,190 (+1046.6%)
Mutual labels:  redteam, offensive-security
Powershell Red Team
Collection of PowerShell functions a Red Teamer may use to collect data from a machine
Stars: ✭ 155 (-18.85%)
Mutual labels:  cybersecurity, redteam
Personal Security Checklist
🔒 A curated checklist of 300+ tips for protecting digital security and privacy in 2021
Stars: ✭ 2,388 (+1150.26%)
Mutual labels:  security-tools, cybersecurity

FudgeC2


FudgeC2 is a PowerShell C2 platform designed to facilitate team collaboration and campaign timelining, released at BlackHat Arsenal USA 2019. It aims to help clients better understand red team activities by presenting them with more granular detail of adversarial techniques.

Built on Python3 with a web frontend, FudgeC2 aims to provide red team operators a simple interface in which to manage active implants across their campaigns.

FudgeC2 is in active development and receives regular updates. If you have feature suggestions, reach out with your ideas.

Installation

To install and configure FudgeC2 run the following:

git clone https://github.com/Ziconius/FudgeC2
cd FudgeC2/FudgeC2
sudo pip3 install -r requirements.txt
sudo python3 Controller.py

This will generate the F2 database and first-time credentials. You will then be able to access the platform at http[s]://127.0.0.1:5001/. The logon credentials are:

admin:letmein

For more information on installation and configuration see the wiki, here.

Implant Functionality and Usage

FudgeC2 breaks projects down into campaigns. Each campaign has its own implant templates, active implants, users, and targets.

To start, you simply need to generate a new campaign, create an implant template with the campaign, and trigger one of the stagers on a target computer.


F2 implants contain a variety of builtin commands, which are also easily extended, allowing operators to create their own builtin functionality. An overview of functionality can be seen below; for more information on the builtin implant functionality or how to create custom modules, see FudgeC2's wiki, found here.

Implant functionality

| Command | Info |
| --- | --- |
| <command> | If no builtin prefix is used, the submitted value will be directly executed by PowerShell. |
| :: sys_info | Collects username, hostname, domain, and local IP. |
| :: enable_persistence | Enables persistence by embedding a stager payload into the following autorun registry key |
| :: export_clipboard | Attempts to collect any text data stored in the user's clipboard. |
| :: load_module [target script] | This will load external PowerShell modules, such as JAWS. |
| :: exec_module [loaded module name] | Executes a specific function of a loaded module. |
| :: list_modules | Lists all modules loaded by the implant. |
| :: download_file [target file] | Downloads the target file to the FudgeC2 server. |
| :: upload_file [local file] [remote path/filename] | Uploads a file to the target path and specific filename. |
| :: play_audio [audio file (WAV)] | Plays a WAV audio file on the compromised host. |
| :: screenshot | Takes a screenshot of the compromised host's desktop. |

Contributing

All contributions, suggestions, and feature requests are welcome. Feel free to reach out over GitHub, or via Twitter with ideas, suggestions and questions.

License

The FudgeC2 project and all modules are under the GNU General Public License v3.0 unless explicitly noted otherwise. You can find the full licence here.
