diff --git a/README.md b/README.md index 0097ff7..752f883 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,35 @@ -# Conquest Framework +# Conquest -Compile with Nim: -``` -nim c src/server/main.nim -``` +Conquest is an advanced, extensible and malleable command & control/post-exploitation framework developed for penetration testing and adversary simulation. Conquest's team server, operator client and agent have all been written using the Nim programming language and are designed with modularity and flexibility in mind. It features custom C2 communication via binary packets over HTTP, a client UI developed using Dear ImGui and the `Monarch` agent, which can be equipped with numerous specialized modules. -From the `bin` directory, start the team server: -``` -./server -``` \ No newline at end of file +![Conquest Client](assets/image-1.png) + +> [!CAUTION] Disclaimer +> Conquest is designed to be only used for educational purposes, research and authorized security testing of systems that you own or have an explicit permission to attack. The author provides no warranty and accepts no liability for misuse. + +## Architecture + +TBD + +## Features + +- Flexible operator GUI client written with Dear ImGui in Nim +- HTTP listeners with support for callback hosts (Redirectors) +- Support for malleable C2 profiles (TOML) +- Customizable payload generation +- Encrypted C2 communication leveraging AES256-GCM and X25519 key exchange +- Sleep obfuscation via Ekko, Zilean or Foliage with support for call stack spoofing +- Inline-execution of COFF/BOF files +- Inline-execution of .NET assemblies +- Token impersonation +- AMSI/ETW patch using hardware breakpoints +- Compile-time string obfuscation +- Wide selection of built-in post-exploitation modules +- Looting and loot management +- Logging of all operator activity + +## Screenshots + +![Payload Generation](assets/image.png) + +![Screenshot Preview](assets/image-2.png) \ No newline at end of file 
diff --git a/assets/image-1.png b/assets/image-1.png new file mode 100644 index 0000000..1d53bc2 Binary files /dev/null and b/assets/image-1.png differ diff --git a/assets/image-2.png b/assets/image-2.png new file mode 100644 index 0000000..657b64a Binary files /dev/null and b/assets/image-2.png differ diff --git a/assets/image.png b/assets/image.png new file mode 100644 index 0000000..32096b0 Binary files /dev/null and b/assets/image.png differ diff --git a/src/agent/main.nim b/src/agent/main.nim index d6e364a..0c2a35e 100644 --- a/src/agent/main.nim +++ b/src/agent/main.nim @@ -25,8 +25,8 @@ proc main() = #[ Agent routine: - 1. Register to the team server if not already register - 2. Sleep Obfuscation + 1. Sleep Obfuscation + 2. Register to the team server if not already register 3. Retrieve tasks via checkin request to a GET endpoint 4. Execute task and post result 5. If additional tasks have been fetched, go to 3.
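Review bot: in the README.md hunk, the removed build and start-up instructions (`nim c src/server/main.nim` and running `./server` from the `bin` directory) are dropped without replacement, so the new README no longer tells anyone how to compile or launch the team server; keep them, for example under a "Getting Started" heading next to the new "Features" section. Two smaller points in the same hunk: the `> [!CAUTION] Disclaimer` line puts extra text after the alert marker, so check that GitHub still renders it as a callout (the marker normally sits alone on its first line); and the "Architecture" section is left as "TBD", which is fine for a draft but should either be filled in or be noted as a placeholder before this is merged. Both the old and the new file end with "\ No newline at end of file"; adding the trailing newline would keep future diffs clean.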
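Review bot: in the src/agent/main.nim hunk, only the comment is changed (steps 1 and 2 swapped so that sleep obfuscation precedes registration), with no accompanying code change visible in the diff; confirm that `main()` really performs the sleep obfuscation step before the registration request, otherwise the comment now describes an order the agent does not follow. While touching the line, "if not already register" should read "if not already registered".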