Live
← all projects
ShardC2
Modular C2 framework for authorized red team operations.
About
Policy-aware command-and-control framework for authorized red team operations. Go server/agent core with an operator dashboard, RBAC, audit logs, encrypted payloads, and built-in safety controls.
Features
5 campaign types: Recon, Brute, Exfil, Persist, Custom
7-section operator dashboard with multi-bot WebSocket terminal
Safety policy engine: CIDR scope, safe mode, blocked ranges
RBAC, audit logging, Markdown evidence report export
Encrypted payloads with per-campaign AES keys
Agent heartbeat with auto-reconnect and jitter
Tech Stack
Go PostgreSQL Redis WebSocket Docker Fiber
Campaign Types
Recon
Network enumeration, port scanning, service discovery
Brute
Credential spraying with policy-aware rate limits
Exfil
Staged data exfiltration with encrypted channels
Persist
Persistence implants with scheduled callbacks
Custom
User-defined task chains with conditional logic