CrystalC2
A command and control framework, mostly to keep myself occupied and out of trouble...
Highlights
CrystalC2's post-exploitation agent is built from modular position-independent code (PIC) parts, woven together using Crystal Palace. The purpose of the project is to explore the left and right bounds of CPL's Aspect-Oriented Programming (AOP) and bin2bin paradigms when applied to various aspects of a C2 agent.
Challenge areas that come to mind include:
load-time evasion: loading PIC into a process and bootstrapping its execution.
runtime evasion: minimising the indicators of PIC running in memory.
post-exploitation evasion: running third-party code/tools.
Outcomes
The long-term goal is to provide users with the flexibility to apply any evasion tradecraft strategies they wish to the Beacon agent and its loader.