Free, open-source, cross-platform agent and post-exploitation tool written in Golang and C++, with an architecture and usage like Cobalt Strike

Overview

Khepri

Description

Khepri is a cross-platform agent whose architecture and usage are like Cobalt Strike, but it is free and open-source.

Disclaimer: This project is for learning Golang and C++ only. If someone's rights have been violated, please contact me to remove the project. Finally, DO NOT USE IT ILLEGALLY; the author and contributors do not take any responsibility for any damage caused by malicious actors using any software presented herein.

Architecture

  • beacon: Agent, written in C++.
  • teamserver: Server, written in Golang.
  • teamclient: User client, written in C++; the UI uses Qt-GUI.

Features

  • Supported C2 Protocols:

    • TCP
    • UDP
  • Fast network serialization (Protocol Buffers)

  • Agent Features:

    • System Information
    • Process Manager
    • File Manager
    • Remote Shell
    • Remote Execution
  • Supported operating systems

System Windows Linux Macos
beacon
teamserver
teamclient

Quick Start

Please see Quick Start

TODO

  • Refactor teamserver code
  • Beacon supports more protocols: https, dns
  • Beacon supports https-dns
  • Beacon supports dynamic plugin
  • Beacon supports proxy
  • Teamclient supports proxy
  • Support CI
  • Beacon and teamclient support macos
  • Reduce beacon to 100kb700kb (don't use openssl, support Mingw compile (can't reduce size)) ...

Contributing

Issues and PRs are welcome.

Comments
  • I try to compile in kali

    My mistake, I deleted and added it again: git clone --recursive https://github.com/geemion/Khepri

    Next:

    protoc -I=/root/Khepri/proto --go_out=/root/Khepri/src /root/Khepri/proto\client.proto
    or
    protoc -I=[/root/Khepri/proto] --go_out=[/root/Khepri/src] [/root/Khepri/proto]\client.proto
    
    #  protoc -I=/root/Khepri/proto --go_out=/root/Khepri/src /root/Khepri/proto\client.proto                                                                     
    Could not make proto path relative: /root/Khepri/protoclient.proto: No such file or directory
    
    protoc -I=[proto] --go_out=[src] [proto]\client.proto                                                                                                       1 ⨯
    [proto]: warning: directory does not exist.
    Could not make proto path relative: [proto]client.proto: No such file or directory
    
    
    

    ./gen-mk-project.sh
    mkdir buildmk
    CMake Error: The source directory "/root/Khepri" does not appear to contain CMakeLists.txt.
    Specify --help for usage, or press the help button on the CMake GUI.
    ./gen-mk-project.sh: line 12: -DVCPKG_TARGET_TRIPLET=x64-linux: command not found
    make: *** No targets specified and no makefile found. Stop.

    I edit the gen-mk-project.sh
    -DCMAKE_TOOLCHAIN_FILE="/root/vcpkg/scripts/buildsystems/vcpkg.cmake"\ #edit it

    how I have same error:

    mkdir buildmk
    CMake Error: The source directory "/root/Khepri" does not appear to contain CMakeLists.txt.
    Specify --help for usage, or press the help button on the CMake GUI.
    ./gen-mk-project.sh: line 12: -DVCPKG_TARGET_TRIPLET=x64-linux: command not found
    make: *** No targets specified and no makefile found. Stop.

    I don't want to make a mistake

    opened by dodoaska 3
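  • Hello, sir, I have studied your code systematically and learned a lot, and I also have some questions

    About the beacon code: because the Windows beacon is a C++ console program, it exits immediately if the code does not call getchar, and the black console window that appears when it runs is an annoying problem. I tried changing the subsystem to windows to hide the black window, but then the getchar function has no effect and the program still exits automatically. I tried creating a thread to call the yasio start method, but unfortunately I am a beginner, and after running it I get a null pointer error. I still have no idea what to do.

    I would like to develop this project together with you (although I am not very skilled), and I would like to bring in red team penetration testing ideas and lateral movement thinking to shape the project as a whole. I hope you can give me this opportunity; I would be deeply honored, and it would also be good practice for me.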

    question 
    opened by ro0tmylove 2
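  • teamclient compilation problem

    Thank you so much, teamserver and beacon now compile successfully.

    As expected, compiling teamclient also ran into a problem. The problem occurs when running this command:

    cmake --build . --target teamclient --config MinSizeRel

    Does grpc_cpp_plugin.exe also need to be the same version as the vcpkg package? Is that what causes this problem?

    [image]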

    invalid 
    opened by xiaoheiwo 2
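  • Help with compiling beacon

    Hello, thank you very much for solving my previous teamserver problem; I compiled it successfully. Now I have run into a new problem. My environment is as follows:

    window10
    vs2019
    cmake (latest)
    vcpkg
    ming-w64

    I tried to compile beacon. I used vcpkg to install cryptopp and protobuf:

    vcpkg install cryptopp:x64-windows-static
    vcpkg install protobuf:x64-windows-static

    I could not find a yasio package in vcpkg, so I went to gitlab and followed the official tutorial.

    At first I compiled yasio into a lib file, but I found that this did not work. I then tried putting the yasio source code into the yasio directory of the beacon project and generated the VS project files with the following command:

    cmake -S . -B buildvc64 -DCMAKE_TOOLCHAIN_FILE="C:/dev/vcpkg-master/scripts/buildsystems/vcpkg.cmake" -DVCPKG_TARGET_TRIPLET="x64-windows-static"

    After I opened the project in vs2019, it kept reporting that yasio/yasio.hpp and related files could not be found.

    So I changed include"yasio/yasio.hpp"
    to include"yasio.hpp"

    That solved the problem, but a new problem appeared [image] along with many, many more errors below.

    I hope you can tell me the environment you use. Thank you very much.

    I have never compiled a project with cmake before. It is so hard.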

    documentation good first issue 
    opened by xiaoheiwo 2
  • teamserver compilation problem

    Hello, there was a problem when I compiled teamserver: I did not find these definitions in the compiled proto file. How can I solve it? Thanks.

    C:\Users\abc\Desktop\Khepri-main\Khepri-main\src\teamserver>go build cmd\teamserver\teamserver.go
    # teamserver/internal/rpc
    internal\rpc\teamrpc.go:39:2: undefined: protobuf.UnimplementedTeamRPCServiceServer
    internal\rpc\teamrpc.go:87:49: undefined: protobuf.TeamRPCService_CommandChannelServer
    internal\rpc\teamrpc.go:302:2: undefined: protobuf.RegisterTeamRPCServiceServer
    
    documentation good first issue 
    opened by xiaoheiwo 2
  • teamserver compilation problem 2

    Hello, there was a problem when I compiled teamserver: I did not find these definitions in the compiled proto file. How can I solve it? Thanks.

    E:\rat\Khepri\src\teamserver\cmd\teamserver>go build teamserver.go

    teamserver/internal/handler

    ....\internal\handler\handler.go:175:15: undefined: protobuf.CommandRsp
    ....\internal\handler\handler.go:210:52: undefined: protobuf.CommandReq

    E:\rat\Khepri\src\teamserver\cmd\teamserver>protoc -I=E:\rat\Khepri\proto --go_out=plugins=grpc:E:\rat\Khepri\ -I=E:\rat\Khepri\proto\teamrpc.proto
    Missing input file

    Thanks

    opened by srsec 1
  • teamclient compilation problem, help needed

    beacon has compiled successfully. cmake reports an error: [image]

    In VS2015: [image] [image]

    For context, when running protoc -I=[Khepri Proto Dir] --go_out=plugins=grpc:[Khepri Src Dir] -I=[Khepri Proto Dir]\teamrpc.proto it showed Missing input file. [image] Afterwards I removed the -I= so that it became protoc -I=C:\src\Khepri\proto --go_out=plugins=grpc:C:/src/Khepri/src C:/src/Khepri/proto/teamrpc.proto. I do not know whether this has any effect.

    opened by NO3389 1
  • Linux beacon Bug

    [yasio][1644127107420][global] the yasio-3.37.1 is initialized, the size of per transport is 65880 when object_pool enabled.

    [yasio]xxsocket::getipsv: flags=1 [yasio][1644127107422][index: 0] connecting server 192.168.3.176(192.168.3.176):10011...

    [yasio][1644127107423][index: 0] the connection #1(0x7f9a14000950) [192.168.86.137:57352] --> [192.168.3.176:10011] is established.

    [yasio]xxsocket::traverse_local_address: getifaddrs fail! [yasio]xxsocket::traverse_local_address: getifaddrs fail! [yasio]xxsocket::traverse_local_address: getifaddrs fail! [yasio]xxsocket::traverse_local_address: getifaddrs fail! [yasio]xxsocket::traverse_local_address: getifaddrs fail! [yasio]xxsocket::traverse_local_address: getifaddrs fail! [yasio]xxsocket::traverse_local_address: getifaddrs fail! [yasio]xxsocket::traverse_local_address: getifaddrs fail!

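    Operating system: CentOS 7.9. After running for a long time, getifaddrs fail! appears and no client operation works any more, although the heartbeat is still present.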

    bug 
    opened by tin7safe 1
  • Compilation problem

    F:\Khepri\src\teamserver>go build cmd\teamserver\teamserver.go
    cmd\teamserver\teamserver.go:21:2: use of internal package teamserver/internal/conf not allowed
    cmd\teamserver\teamserver.go:22:2: use of internal package teamserver/internal/rpc not allowed

    As well as teamclient: CMake Error at C:/Program Files (x86)/vcpkg/scripts/buildsystems/vcpkg.cmake:861 (_find_package): Found package configuration file:

    C:/Program Files/grpc/lib/cmake/grpc/gRPCConfig.cmake
    

    but it set gRPC_FOUND to FALSE so package "gRPC" is considered to be NOT FOUND. Reason given by package:

    The following imported targets are referenced, but are missing: absl::base absl::core_headers absl::memory absl::status absl::cord absl::str_format absl::strings absl::synchronization absl::time absl::optional absl::flat_hash_map absl::inlined_vector absl::bind_front absl::hash absl::statusor absl::variant absl::utility protobuf::libprotobuf protobuf::libprotoc

    Call Stack (most recent call first): CMakeLists.txt:98 (find_package)

    -- Configuring incomplete, errors occurred! See also "F:/Khepri/src/teamclient/buildvc64/CMakeFiles/CMakeOutput.log".

    help wanted wontfix 
    opened by whoami-Root 1
  • teamserver build problem

    F:\Khepri\src\teamserver>go build cmd\teamserver\teamserver.go
    cmd\teamserver\teamserver.go:21:2: use of internal package teamserver/internal/conf not allowed
    cmd\teamserver\teamserver.go:22:2: use of internal package teamserver/internal/rpc not allowed

    As well as teamclient

    CMake Error at C:/Program Files (x86)/vcpkg/scripts/buildsystems/vcpkg.cmake:861 (_find_package): Found package configuration file:

    C:/Program Files/grpc/lib/cmake/grpc/gRPCConfig.cmake
    

    but it set gRPC_FOUND to FALSE so package "gRPC" is considered to be NOT FOUND. Reason given by package:

    The following imported targets are referenced, but are missing: absl::base absl::core_headers absl::memory absl::status absl::cord absl::str_format absl::strings absl::synchronization absl::time absl::optional absl::flat_hash_map absl::inlined_vector absl::bind_front absl::hash absl::statusor absl::variant absl::utility protobuf::libprotobuf protobuf::libprotoc

    Call Stack (most recent call first): CMakeLists.txt:98 (find_package)

    -- Configuring incomplete, errors occurred! See also "F:/Khepri/src/teamclient/buildvc64/CMakeFiles/CMakeOutput.log".

    opened by whoami-Root 1
  • Error in compiling teamserver

    Hi, I've been compiling this project for a whole week now, after generating the protobuf and grpc codes for teamserver I encountered following error.

    # teamserver/internal/proto/protobuf
    internal/proto/protobuf/teamrpc_grpc.pb.go:21:33: undefined: LoginUserReq
    internal/proto/protobuf/teamrpc_grpc.pb.go:21:74: undefined: LoginUserRsp
    internal/proto/protobuf/teamrpc_grpc.pb.go:23:37: undefined: ServerCmdReq
    internal/proto/protobuf/teamrpc_grpc.pb.go:23:78: undefined: ServerCmdRsp
    internal/proto/protobuf/teamrpc_grpc.pb.go:34:63: undefined: LoginUserReq
    internal/proto/protobuf/teamrpc_grpc.pb.go:34:104: undefined: LoginUserRsp
    internal/proto/protobuf/teamrpc_grpc.pb.go:53:8: undefined: CommandReq
    internal/proto/protobuf/teamrpc_grpc.pb.go:54:11: undefined: CommandRsp
    internal/proto/protobuf/teamrpc_grpc.pb.go:62:54: undefined: CommandReq
    internal/proto/protobuf/teamrpc_grpc.pb.go:66:55: undefined: CommandRsp
    internal/proto/protobuf/teamrpc_grpc.pb.go:66:55: too many errors
    

    What's the problem here?

    FYI I noticed a typo in the protobuf code generating section in the doc: protoc -I=[Khepri Proto Dir] --go_out=plugins=grpc:[Khepri Src Dir] -I=[Khepri Proto Dir]\teamrpc.proto will produce the error Missing input file. Instead I think this should be protoc -I=[Khepri Proto Dir] --go_out=plugins=grpc:[Khepri Src Dir] [Khepri Proto Dir]\teamrpc.proto. Don't know if this is correct.

    Regards.

    documentation 
    opened by ghost 1
Releases(v1.0.0)
  • v1.0.0(Jul 31, 2021)

    CHANGELOG

    • refactor: fix beacon info display
    • feat: doubleclick file list
    • docs: disclaimer
    • feat: teamclient support http_proxy
    • feat: beacon support macos
    • chore: doc add badges,teamclient support macos build
    • chore: debug message
    • refactor: use library xchacha20
    • docs: statement
    • refactor: remove openssl,use cryptopp
    • feat: delete beacon
    • fix: format mac
    • fix: rpc token check
    • docs: add quick_start.md
    • fix: fix linux get_mac
    • feat: init commit
    • Initial commit
Owner
Young