Update README.md
This commit is contained in:
Jakob Friedl
42
README.md
42
README.md
@@ -1,11 +1,35 @@
|
||||
# Conquest Framework
|
||||
# Conquest
|
||||
|
||||
Compile with Nim:
|
||||
```
|
||||
nim c src/server/main.nim
|
||||
```
|
||||
Conquest is an advanced, extensible and malleable command & control/post-exploitation framework developed for penetration testing and adversary simulation. Conquest's team server, operator client and agent have all been written using the Nim programming language and are designed with modularity and flexibility in mind. It features custom C2 communication via binary packets over HTTP, a client UI developed using Dear ImGui and the `Monarch` agent, which can be equipped with numerous specialized modules.
|
||||
|
||||
From the `bin` directory, start the team server:
|
||||
```
|
||||
./server
|
||||
```
|
||||
|
||||
|
||||
> [!CAUTION] Disclaimer
|
||||
> Conquest is designed to be only used for educational purposes, research and authorized security testing of systems that you own or have an explicit permission to attack. The author provides no warranty and accepts no liability for misuse.
|
||||
|
||||
## Architecture
|
||||
|
||||
TBD
|
||||
|
||||
## Features
|
||||
|
||||
- Flexible operator GUI client written with Dear ImGui in Nim
|
||||
- HTTP listeners with support for callback hosts (Redirectors)
|
||||
- Support for malleable C2 profiles (TOML)
|
||||
- Customizable payload generation
|
||||
- Encrypted C2 communication leveraging AES256-GCM and X25519 key exchange
|
||||
- Sleep obfuscation via Ekko, Zilean or Foliage with support for call stack spoofing
|
||||
- Inline-execution of COFF/BOF files
|
||||
- Inline-execution of .NET assemblies
|
||||
- Token impersonation
|
||||
- AMSI/ETW patch using hardware breakpoints
|
||||
- Compile-time string obfuscation
|
||||
- Wide selection of built-in post-exploitation modules
|
||||
- Looting and loot management
|
||||
- Logging of all operator activity
|
||||
|
||||
## Screenshots
|
||||
|
||||
|
||||
|
||||
|
||||
BIN
assets/image-1.png
Normal file
BIN
assets/image-1.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 736 KiB |
BIN
assets/image-2.png
Normal file
BIN
assets/image-2.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 1.6 MiB |
BIN
assets/image.png
Normal file
BIN
assets/image.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 229 KiB |
@@ -25,8 +25,8 @@ proc main() =
|
||||
|
||||
#[
|
||||
Agent routine:
|
||||
1. Register to the team server if not already register
|
||||
2. Sleep Obfuscation
|
||||
1. Sleep Obfuscation
|
||||
2. Register to the team server if not already register
|
||||
3. Retrieve tasks via checkin request to a GET endpoint
|
||||
4. Execute task and post result
|
||||
5. If additional tasks have been fetched, go to 3.
|
||||
|
||||
Reference in New Issue
Block a user