Skip to content

Latest commit

 

History

History
87 lines (54 loc) · 4.15 KB

README_EN.md

File metadata and controls

87 lines (54 loc) · 4.15 KB

Main Features

  • Implant: Written in Golang, compatible with Windows, Linux, and MacOS (support for mobile platforms under consideration for future updates).
  • Teamserver: Built with .NET 6.0, does not require the .NET Core runtime environment.
  • Controller: Supports reverse shell, file management, process management, network traffic monitoring, memory loading, reverse proxy (based on the IOX model), screenshots, process injection and migration, AV/EDR detection, inline PowerShell commands.
  • Memory Operations: Supports loading PE files into memory on Windows/Linux, process injection and migration, allowing file-free execution.
  • .NET Assemblies: Execute .NET assemblies in memory (execute-assembly, inline-assembly).
  • Lua Scripting: Extend command centers and menus through Lua scripts (similar to CNA scripts).
  • Custom RDI Shellcode: (64-bit only, 32-bit requires manual client compilation) or generate shellcode using donut or Godonut.
  • Telegram Integration: Set up Telegram notifications for host check-ins by modifying the profile.json parameters for Chat ID and API Token.

Supported Platforms

Implant (Session)

  • Windows: Windows 7–11, Windows Server 2008–2022
  • Linux: Supports glibc 2.17+ (e.g., Ubuntu, Debian, CentOS)
  • MacOS: macOS 10.15+

The project is compiled using Go 1.20 for compatibility. Note that Go 1.20+ does not support Windows 7, Windows Server 2008, and some older Linux systems. The payload in XiebroC2 only supports x64 architecture. For older systems, you must compile the source code with Go versions 1.19–1.16.

Teamserver

  • Windows: Windows 8–11, Windows Server 2012–2022
  • Linux: Supports glibc 2.17+ systems.

Screenshots

Topology Structure

image-20250114152703571

Command List

image-20250114162852363

Memory Loading Mimikatz

image-20250114162708390

File Management

image-20250114162940873

Reverse Proxy

image-20250114180254731

How to Use

Network Topology

View network traffic distribution with a visual topology diagram.

Network Topology

Video Demo

Watch the XiebroC2 Demo on YouTube

TODO

  • Develop payloads for PowerShell, VBScript, HTA, JScript, etc.
  • Open more forms and API interfaces to facilitate Lua plugin development.

Star History

Star History Chart

Disclaimer

This project is intended solely for educational and research purposes in penetration testing practice. It is currently in a testing phase. It is strictly prohibited to use this tool for any illegal activities, including black market operations or unauthorized penetration attempts. The internet is not a lawless space! By using this tool, you agree to comply with these terms.

To prevent misuse by malicious actors, the most harmful features have been removed, leaving only basic functions for penetration testing demonstrations. The Teamserver and Controller components are not open-source.