
Vanguard

A modern, distributed C2 (Command & Control) framework written in Rust and SvelteKit. It is designed for red teamers and security researchers, featuring a stealthy no-std agent, a high-performance teamserver with SQLite persistence, and a real-time dashboard.


🚀 Features

Implemented

  • Stealthy Beacon: no-std Windows agent with direct windows-sys Win32 API interactions
  • Malleable C2 Profiles: Configurable URI paths, HTTP headers, and user agents to mask C2 traffic
  • Sleep and Mask: XOR-based memory obfuscation with rotating keys to evade memory scanners
  • Pipe-based Shell Execution: Real-time output capture from shell commands using anonymous pipes
  • Process Enumeration: List running processes with PIDs using ToolHelp API
  • Process Termination: Kill processes by PID
  • System Information: Gather OS version, architecture, and username
  • Post-Exploitation Commands:
    • Shell command execution with output capture
    • Process listing
    • Process termination
    • Current directory enumeration
    • System information gathering
  • Infrastructure:
    • Teamserver: Axum-based server with SQLite persistence and WebSockets for real-time updates
    • Rate Limiting: Configurable rate limiting for API endpoints
    • Cross-Platform Client: Tauri-powered dashboard with a "hacker" dark aesthetic
    • Encrypted Communications: AES-256-GCM encrypted TLV protocol

Planned (Not Yet Implemented)

  • Indirect Syscalls: EDR evasion via syscall stub resolution (planned)
  • BOF Loader: COFF (Beacon Object File) in-memory loading (planned)
  • Process Injection: Remote process injection using indirect syscalls (planned)
  • P2P Communication: SMB-based lateral movement support (protocol defined, implementation pending)
  • File Upload/Download: Full file transfer capabilities (stub implemented)

🛠 Architecture

  • /beacon: The agent/implant (no_std Windows target)
  • /teamserver: The C2 hub logic (Axum + SQLite)
  • /client: SvelteKit + Tauri management dashboard
  • /protocol: Shared library for AES-256-GCM encrypted TLV communication

🚦 Getting Started

Prerequisites

# Add Windows target for beacon cross-compilation
rustup target add x86_64-pc-windows-msvc

# Install Node.js dependencies for client
cd client && npm install

1. Teamserver

cargo run -p teamserver

Configure via vanguard.toml:

host = "127.0.0.1"
port = 8080
rate_limit_max = 100
rate_limit_window_secs = 60
log_level = "info"

[malleable_profile]
uri = "/api/v1/beacon/checkin"
header_name = "X-Custom-Header"
header_value = "legitimate-traffic-marker"

Set the encryption key via an environment variable, replacing the placeholder below with your own 32-byte key (AES-256-GCM uses a 256-bit key):

export VANGUARD_KEY="your-32-byte-encryption-key"

2. Dashboard

cd client
npm run tauri dev

3. Beacon (Cross-Compilation for Windows)

# Build for Windows
cargo build -p beacon --target x86_64-pc-windows-msvc

# Build for Linux (musl)
cargo build -p beacon --target x86_64-unknown-linux-musl

🔧 Beacon Commands

Command      ID     Description
shell        0x01   Execute shell command via cmd.exe
ps           0x04   List running processes
kill <pid>   0x05   Terminate process by PID
pwd          0x09   Get current working directory
systeminfo   0x08   Get system information
whoami       0x07   Get current username

🔐 Security Features

  • AES-256-GCM Encryption: All beacon-teamserver communications encrypted
  • TLV Protocol: Custom Type-Length-Value serialization with bincode
  • Memory Obfuscation: XOR-based sleep masking with rotating keys
  • Malleable C2: Configurable HTTP headers and URI patterns
  • Rate Limiting: Protects teamserver from abuse
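
For blue teams exercising against this framework: the following Python is an added example, not part of the Vanguard code base. It checks web-proxy logs for the default profile values printed in this README's first vanguard.toml listing and, because those values are configurable, also flags sources that request one URI at near-constant intervals. The log field names, the sample events and the steady check-in interval are assumptions.

```python
import json
from collections import defaultdict
from statistics import mean, pstdev

# Default profile values printed in this README's first vanguard.toml listing.
DEFAULT_URI = "/api/v1/beacon/checkin"
DEFAULT_HEADER = ("x-custom-header", "legitimate-traffic-marker")

def static_hits(event):
    """Reasons a single request matches the shipped default profile."""
    reasons = []
    if event["uri"].split("?", 1)[0] == DEFAULT_URI:
        reasons.append("default-uri")
    headers = {k.lower(): v for k, v in event.get("headers", {}).items()}
    if headers.get(DEFAULT_HEADER[0]) == DEFAULT_HEADER[1]:
        reasons.append("default-header")
    return reasons

def periodic_sources(events, min_hits=4, max_cv=0.1):
    """Flag (src, uri) pairs whose request gaps are nearly constant.
    Catches a renamed profile; the steady check-in interval is an assumption."""
    times = defaultdict(list)
    for e in events:
        times[(e["src"], e["uri"])].append(e["ts"])
    flagged = {}
    for key, ts in times.items():
        gaps = [b - a for a, b in zip(sorted(ts), sorted(ts)[1:])]
        if len(ts) < min_hits or not gaps or mean(gaps) <= 0:
            continue
        if pstdev(gaps) / mean(gaps) <= max_cv:  # coefficient of variation
            flagged[key] = round(mean(gaps), 1)
    return flagged

def analyze(log_text):
    """Return (static matches per source, periodic (src, uri) pairs)."""
    events = [json.loads(line) for line in log_text.splitlines() if line.strip()]
    static = defaultdict(set)
    for e in events:
        static[e["src"]].update(static_hits(e))
    return {s: sorted(r) for s, r in static.items() if r}, periodic_sources(events)

def _ev(ts, src, uri, headers=None):  # builds one constructed log line
    return json.dumps({"ts": ts, "src": src, "uri": uri, "headers": headers or {}})

# Constructed sample proxy log (field names ts/src/uri/headers are assumptions).
HDR = {"X-Custom-Header": "legitimate-traffic-marker"}
SAMPLE_LOG = "\n".join(
    [_ev(t, "10.0.0.5", DEFAULT_URI, HDR) for t in (1000, 1060, 1120, 1181)]
    + [_ev(t, "10.0.0.9", "/cdn/status") for t in (1005, 1035, 1065, 1095)]
    + [_ev(t, "10.0.0.7", "/index.html") for t in (1002, 1010, 1200, 1230)])

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

The static match only catches an unmodified profile; the interval check is what still fires on the constructed 10.0.0.9 host, whose URI and headers were changed.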

📋 Configuration

Teamserver (vanguard.toml)

host = "127.0.0.1"
port = 8080
encryption_key = "optional-32-byte-key"
rate_limit_max = 100
rate_limit_window_secs = 60
log_level = "info"

[malleable_profile]
uri = "/api/v1/beacon/checkin"
header_name = "X-Session-ID"
header_value = ""

Beacon Build Configuration (.cargo/config.toml)

[target.x86_64-pc-windows-msvc]
rustflags = ["-C", "target-feature=+crt-static"]

[target.x86_64-unknown-linux-musl]
rustflags = ["-C", "target-feature=+crt-static"]

🏗 Development

Building All Packages

# Build everything
cargo build --workspace

# Build specific package
cargo build -p beacon --target x86_64-pc-windows-msvc
cargo build -p teamserver
cargo build -p protocol

Running Tests

cargo test -p protocol

⚖️ License

Distributed under the MIT License.


Disclaimer: This tool is intended for legal, authorized security testing only. Use at your own risk. The authors are not responsible for any misuse or damage caused by this tool.
