admin/conquest
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
216 Commits 2 Branches 0 Tags
ec2388d9937fd2551221e99cf00c14d8f05e9fda
Commit Graph

216 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jakob Friedl
d834e4f713 Created initial UI component template. 2025-09-05 19:39:24 +02:00
Jakob Friedl
e7ab8b5fac Created base template for ImGUI application. 2025-09-05 10:49:27 +02:00
Jakob Friedl
cb02d79b6e Fixed help flag output. 2025-09-04 15:29:54 +02:00
Jakob Friedl
e64e31a7bc Integrated sleep obfuscation settings into agent generation. 2025-09-04 13:44:50 +02:00
Jakob Friedl
e297bb2d76 Split sleep obfuscation into separate functions to increase readability and changed to manual API resolution. 2025-09-04 12:02:50 +02:00
Jakob Friedl
5ebe5d3598 Implemented the Foliage sleep obfuscation technique. 2025-09-03 23:21:45 +02:00
Jakob Friedl
d0545ffd16 Implemented 'screenshot' command. 2025-09-03 19:38:22 +02:00
Jakob Friedl
653dfac4b4 Improved sleep obfuscation cleanup. 2025-09-03 08:46:38 +02:00
Jakob Friedl
b19f8e1236 Implemented Zilean sleep obfuscation technique as an alternative to Ekko. 2025-09-02 21:41:04 +02:00
Jakob Friedl
f7d97908d1 Added initial client UI structure. 2025-09-02 12:48:46 +02:00
Jakob Friedl
4ae9add3af Implemented simple upload command. 2025-09-01 20:27:00 +02:00
Jakob Friedl
ae083896b6 Implemented simple download command. 2025-09-01 19:45:39 +02:00
Jakob Friedl
8292a5b1ff Implemented handling of different argument types (int, wstring, short) for BOF files using specific prefixes. 2025-08-30 14:05:09 +02:00
Jakob Friedl
4ceb756cfd Added 'bof' module for executing object files and fixed handling of optional arguments. 2025-08-29 15:58:26 +02:00
Jakob Friedl
352b8fd8d1 Reworked beacon.nim with definitions from trustedSec's COFFLoader. 2025-08-29 13:40:00 +02:00
Jakob Friedl
957f96f1ca Implemented COFF loader. 2025-08-28 19:00:34 +02:00
Jakob Friedl
e1ea085a0d Decided against implementing additional heap obfuscation for Ekko, due to no sensitive data being allocated in heap memory. 2025-08-28 12:47:37 +02:00
Jakob Friedl
f81933e479 Extended ekko implementation with stack spoofing. 2025-08-27 20:11:22 +02:00
Jakob Friedl
a18ad3c2cb Removed Ekko WinAPI implementation to clear up file. 2025-08-27 18:24:44 +02:00
Jakob Friedl
d3e0d5e6de Implemented Ekki according to MalDev module with both Native API and WinAPI; fixing race condition for both implementations. 2025-08-27 11:37:07 +02:00
Jakob Friedl
00866b30cd Implemented basic sleep obfuscation via the Ekko technique using WinAPI. Improvement needed! 2025-08-27 00:27:50 +02:00
Jakob Friedl
8791faec3f Implemented compile-time string obfuscation via XOR for the agent. 2025-08-26 15:11:43 +02:00
Jakob Friedl
dd7433588f Refactored random byte generation functions. 2025-08-25 20:08:23 +02:00
Jakob Friedl
84f889451c Update LICENSE 2025-08-22 11:05:49 +02:00
Jakob Friedl
2d58b76998 Update LICENSE 2025-08-22 11:04:11 +02:00
Jakob Friedl
4f0cde381b Update LICENSE 2025-08-22 10:55:54 +02:00
Jakob Friedl
5922a5b850 Created nimble package and installation instructions. 2025-08-22 10:48:00 +02:00
Jakob Friedl
0ccafaccdd Cleaned up utils.nim by removing unnecessary functions. 2025-08-21 17:08:46 +02:00
Jakob Friedl
fbb08afe31 Implemented wrapper functions for logging and console output (info, error, success, ...) 2025-08-21 17:02:50 +02:00
Jakob Friedl
c9df7aba64 Improved logging format. 2025-08-21 15:08:52 +02:00
Jakob Friedl
f69adc53a2 Implemented initial version of logging system. Log formatting and content needs to be reworked. 2025-08-20 12:55:09 +02:00
Jakob Friedl
24208f3b4b Increased delay between listener restarts to deal with segvaults. Still no 100% fix 2025-08-19 21:37:29 +02:00
Jakob Friedl
4a38f76331 Moved some compiler flags to nim.cfg 2025-08-19 21:00:52 +02:00
Jakob Friedl
8fcb60f57c Implemented replacing agent configuration instead of overwriting the full file. 2025-08-19 20:58:47 +02:00
Jakob Friedl
b023fca124 Implemented encryption for embedded profile. 2025-08-19 20:03:34 +02:00
Jakob Friedl
72fcb0d610 Refactor profile de/serialization, removing unnecessary overhead caused by TLV format. 2025-08-19 14:34:58 +02:00
Jakob Friedl
00a2eb40bf Added data/[logs/loot] directories to GitHub 2025-08-18 22:09:43 +02:00
Jakob Friedl
84e8730b1e Implemented profile embedding via patching a placeholder in the agent executable. Agent correctly deserializes and parses the profile and listener configuration. 2025-08-18 22:05:23 +02:00
Jakob Friedl
023a562be5 Implemented server output encoding for task retrieval. 2025-08-17 17:01:50 +02:00
Jakob Friedl
739faf781e Added more randomization. The profile now supports setting keys to an array of strings, from which a random one is chosen each time (useful for e.g. Host header, etc.) 2025-08-17 16:27:48 +02:00
Jakob Friedl
22c15dd82c Added randomization to profile strings by replacing '#' with random alphanumerical chars. 2025-08-15 16:18:15 +02:00
Jakob Friedl
c7980d219d Added profile system to agent communication. Randomized URL endpoints/request methods and dynamic data transformation based on C2 profile. Profile is defined as compile-time string for now. 2025-08-15 15:42:57 +02:00
Jakob Friedl
5a73c0f2f4 Improved working with profiles by adding helper retrieval functions. 2025-08-14 19:33:32 +02:00
Jakob Friedl
714360ef24 Updated profile system, including dynamic parsing of hidden heartbeats and setting of response headers. 2025-08-14 15:53:58 +02:00
Jakob Friedl
e403ac1c07 Refactored utility functions to make them more readable and removed separate register endpoint. 2025-08-14 12:25:06 +02:00
Jakob Friedl
ee93445739 Refine profile structure. 2025-08-13 21:42:58 +02:00
Jakob Friedl
415cd7ebf8 Started implementing profile system. 2025-08-13 19:32:51 +02:00
Jakob Friedl
b7622dd72f Updated C2 communication to hide heartbeat data in JWT token. 2025-08-13 13:38:39 +02:00
Jakob Friedl
0e205d34d3 Updated sequence number to uint32 2025-08-06 14:28:54 +02:00
Jakob Friedl
ea00e67e80 Updated ps command output. 2025-08-06 12:46:53 +02:00