![Discord](https://img.shields.io/discord/882642569207644200?logo=discord&label=Discord)
![GitHub issues](https://img.shields.io/github/issues/DragoQCC/HardHatC2)
![GitHub Repo stars](https://img.shields.io/github/stars/DragoQcc/HardHatC2?style=social)
![GitHub forks](https://img.shields.io/github/forks/Dragoqcc/HardHatC2?style=social)
![GitHub tag (latest by date)](https://img.shields.io/github/v/tag/DragoQcc/HardHatc2)
![GitHub last commit](https://img.shields.io/github/last-commit/dragoqcc/hardhatc2)
![Twitter Follow](https://img.shields.io/twitter/follow/dragoqcc)
<a href="https://bloodhoundgang.herokuapp.com/">
<img src="https://img.shields.io/badge/BloodHound Slack-4A154B?logo=slack&logoColor=white" alt="chat on Bloodhound Slack" />
</a>
<a href="https://github.com/specterops#hardhatc2">
<img src="https://img.shields.io/endpoint?url=https%3A%2F%2Fraw.githubusercontent.com%2Fspecterops%2F.github%2Fmain%2Fconfig%2Fshield.json" alt="Sponsored by SpecterOps"/>
</a>
# HardHat C2
## A cross-platform, collaborative, Command & Control framework written in C#, designed for red teaming and ease of use
![image](https://user-images.githubusercontent.com/15575425/228551034-e07df233-63f6-41a2-8b94-6eb840859e82.png)
HardHat is a multi-user C# .NET-based command and control (C2) framework designed to aid in red team engagements and penetration testing. It aims to improve quality-of-life during engagements by providing a robust, easy-to-use C2 framework.
HardHat has three main components:
1. An ASP.NET teamserver
2. A Blazor .NET client
3. Built-in C# based implants
1. Support for 3rd party implants in other languages
Full documentation is available at [https://docs.hardhat-c2.net/](https://docs.hardhat-c2.net/).
**NOTE**: HardHat is in an Alpha release; it will have bugs, missing features, and unexpected things will happen. Thank you for trying it, and please report back any issues or missing features so they can be addressed.
## Community
Join our [Discord][Discord] community to talk about HardHat C2, programming, red teaming and general cyber security topics. It's also a great place to ask for help, submit bugs or new features, and stay up-to-date on the latest additions.
Code contributions are welcome! Feel free to submit feature requests, pull requests, or send me your ideas on [Discord][Discord].
## Features
### Custom Asset Support
- Assets are the Implants and associated plugins for the team server and client.
To see the available ones and learn how to create more, check out the [HardHat Toolbox](https://github.com/HardHatToolbox)
### Teamserver & Client
- Individual operator accounts with role-based access control (RBAC)
- Allows account personalization
- Allows restricted access to specific features (e.g., view-only guest role, team-lead opsec approval (WIP))
- Managers (Listeners)
- Dynamic Payload Generation (EXE, DLL, shellcode, PowerShell command)
- Creation & editing of C2 profiles on the fly in the client
- Customization of payload generation
- Sleep time/jitter
- Kill date
- Working hours
- Type (EXE, DLL, shellcode, PowerShell command)
- Included commands (WIP)
- Option to run [ConfuserEx][ConfuserEx]
- File upload & Downloads
- Graph View
- File Browser GUI
- Event Log
- JSON logging for events & tasks
- Loot tracking
- Credentials
- Downloads
- Indicator of Compromise (IOC) tracking
- Pivot proxies (SOCKS 4a, Port forwards)
- Credential store
- Autocomplete command history
- Detailed help command
- Interactive bash terminal command if the client is on Linux or PowerShell on Windows
- Allows automatic parsing and logging of terminal commands like proxychains
- Persistent database storage of teamserver items (User accounts, Managers, Engineers, Events, tasks, creds, downloads, uploads, etc. )
- Recon Entity Tracking (track info about users/devices, random metadata as needed)
- Shared files for some commands (see teamserver page for details)
- tab-based interact window for issuing commands
- Table-based output option for some commands (e.g., `ls`, `ps`, etc.)
- Automatic parsing of [Seatbelt](https://github.com/GhostPack/Seatbelt) output to create "recon entities" for convenient reference
- Dark and Light ���� theme
![image](https://user-images.githubusercontent.com/15575425/228551170-cd455c24-3541-47ec-ad85-dcb84ce64075.png)
![image](https://user-images.githubusercontent.com/15575425/228551467-750a5a3a-dcff-4290-968e-7b18598e74b6.png)
### Engineers
- C# .NET framework implant for Windows devices (currently only CLR/.NET 4 support)
- Only one implant at the moment, but looking to add others
- Can be generated as EXE, DLL, shellcode, or PowerShell stager
- RC4 encryption of payload memory & heap when sleeping (EXE / DLL only)
- AES encryption of all network communication
- [ConfuserEx][ConfuserEx] integration for obfuscation
- HTTP, HTTPS, TCP, SMB communication
- TCP & SMB can work peer-to-peer (P2P) in bind or reverse configurations
- Unique per implant key generated at compile time
- Multiple callback URI's depending on the C2 profile
- P/Invoke & D/Invoke integration for windows API calls
- SOCKS 4a support
- Reverse Port Forward & Port Forwards
- All commands run as asynchronous, cancellable jobs
- Option to run commands synchronously, if desired
- Inline assembly execution & inline shellcode execution
- DLL Injection
- Execute assembly & Mimikatz integration
- Mimikatz is not built into the implant but is pushed when specific commands are issued
- Various local and network enumeration tools
- Token manipulation commands
- Steal Token Mask (WIP)
- Lateral Movement Commands
- Jump (psexec, wmi, wmi-ps, winrm, dcom)
- Remote Execution (WIP)
- Antimalware Scan Interface (AMSI) & Event Tracing for Windows (ETW) Patching
- Unmanaged Powershell
- Script Store allows multiple scripts to be loaded at once
- Spawn & Inject
- Spawn-to is configurable
- Run, execute, and shell
![image](https://user-images.githubusercontent.com/15575425/228551103-0f1fe1f5-9b2d-42f9-a22d-f929f17b3b93.png)
## Getting Started
### Installation
#### Docker
1. Install Docker and Docker Compose
2. Run `docker compose up -d`
- Optionally, provide `HARDHAT_ADMIN_USERNAME` and/or `HARDHAT_ADMIN_PASSWORD` as environment variables; if omitted, the default admin username and randomly generated password will be written to the teamserver logs on first run
3. Navigate to [https://localhost:7096/](https://localhost:7096/) in your browser
#### Manual
1. Install [.NET 7 SDK](https://dotnet.microsoft.com/en-us/download/dotnet/7.0) from Microsoft
2. Run `dotnet run` from the `.\TeamServer` directory to build and start the teamserver
3. Run `dotnet run https://<TEAMSERVER_HOST>:<TEAMSERVER_PORT>` from the `HardHatC2Client` directory
- For example, assuming your teamserver is running on the same host and default port: `dotnet run https://127.0.0.1:5000`
4. Navigate to [https://localhost:7096/](https://localhost:7096/) in your browser
To configure the teamserver's listening address (i.e., where clients will connect), edit `.\TeamServer\Properties\LaunchSettings.json` and change `"applicationUrl": "https://127.0.0.1:5000"` to the desired location and port.
### Setup
1. Login to the client web UI using the username and password set with environment variable or printed to STDOUT by the teamserver
2. Navigate to the Settings page and create a new user account
- If successful, a message will appear; you may then login with that account to access the full client
## Release Tracking
- Alpha 0.2 Release - 7/6/23
- Change log: <https://docs.hardhat-c2.net/changelog/alpha-0.2-update-july-6-2023>
- Alpha Release - 3/29/23
[ConfuserEx]: https://github.com/mkaring/ConfuserEx
[Discord]: https://discord.gg/npW2yy7JFK
没有合适的资源?快使用搜索试试~ 我知道了~
A C# Command & Control framework .zip
共578个文件
cs:284个
dll:90个
razor:75个
需积分: 5 0 下载量 91 浏览量
2023-12-27
00:04:21
上传
评论
收藏 23.55MB ZIP 举报
温馨提示
A C# Command & Control framework
资源推荐
资源详情
资源评论
收起资源包目录
A C# Command & Control framework .zip (578个子文件)
App.config 3KB
packages.config 494B
Engineer.crproj 1KB
engineerMegedTest.crproj 640B
h_DynInv.cs 135KB
DynInv.cs 71KB
DynInv_Methods.cs 71KB
ImplantCommandValidation_Base.cs 52KB
HardHatHub.cs 48KB
Help.cs 44KB
execute_pe.cs 31KB
TCPCommModule.cs 31KB
Engineer_TaskPreProcess.cs 30KB
SleepEncrypt.cs 30KB
BofExecution.cs 29KB
Handle_Engineer.cs 29KB
ExtImplant_TaskPreProcess_Base.cs 28KB
IEngineerService.cs 27KB
SMBCommModule.cs 23KB
DatabaseService.cs 23KB
ExtImplant_TaskPostProcess_Base.cs 23KB
Program.cs 21KB
ExtImplantHandleComms_Base.cs 20KB
HttpCommModule.cs 20KB
HardHatHubClient.cs 20KB
Compile.cs 17KB
jump.cs 16KB
ImplantsController.cs 13KB
Engineer_TaskPostProcess.cs 13KB
Tasking.cs 13KB
Socks4Proxy.cs 12KB
execute_bof.cs 12KB
socks.cs 12KB
CredParse.cs 12KB
Shellcode.cs 11KB
UserStore.cs 11KB
HttpManager.cs 11KB
ls.cs 11KB
ExtImplantService_Base.cs 10KB
GetSystem.cs 10KB
h_coff.cs 9KB
Encryption.cs 9KB
Serilization.cs 9KB
Remote-Exec.cs 9KB
ExecuteAssembly.cs 8KB
bof_pack.cs 8KB
Startup.cs 8KB
InlineAssembly.cs 8KB
vnc.cs 8KB
OutputRedirection.cs 7KB
token_store.cs 7KB
ManagersController.cs 7KB
HttpManagerController.cs 7KB
terminalCommandRecording.cs 7KB
LoggingService.cs 7KB
ExtImplant_Base.cs 7KB
PluginService.cs 7KB
Inj_techs.cs 6KB
Make_Token.cs 6KB
Run.cs 6KB
CreateProcess_StolenToken.cs 6KB
InlineShellcode.cs 5KB
Seralization.cs 5KB
rportForward.cs 5KB
Add-MachineAccount.cs 5KB
SharedClasses.cs 5KB
Encryption.cs 5KB
RPortForward.cs 5KB
Program.cs 5KB
LdapSearch.cs 4KB
IExtImplantService.cs 4KB
ImplantCreation_Base.cs 4KB
UnManagedPowershell.cs 4KB
InlineDll.cs 4KB
RunAs.cs 4KB
Net-DcList.cs 4KB
CertGen.cs 4KB
ps.cs 4KB
RoleStore.cs 4KB
CommModule.cs 3KB
Steal_Token.cs 3KB
Powershell_Import.cs 3KB
HelperFunctions.cs 3KB
CertGen.cs 3KB
UsersRolesDatabaseService.cs 3KB
LoginController.cs 3KB
CompiledImplant_DAO.cs 3KB
Engineer.cs 3KB
ForwardedFunctionWrappers.cs 3KB
GetMachineAccountQuota.cs 3KB
GetPrivs.cs 3KB
Patch_ETW.cs 3KB
Authentication.cs 3KB
PluginService.cs 3KB
Resources.Designer.cs 3KB
Get_Luid.cs 3KB
DataChunking.cs 3KB
HttpManager_DAO.cs 3KB
Shell.cs 3KB
MyUserManager.cs 3KB
共 578 条
- 1
- 2
- 3
- 4
- 5
- 6
资源评论
Lei宝啊
- 粉丝: 1998
- 资源: 1330
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功