Nuages

A modular C2

Nuages aims at being a C2 framework in which back end elements are open source, whilst implants and handlers must be developed ad hoc by users. As a result, it does not provide a way to generate implants, but an open source framework to develop and manage compatible implants that can leverage all the back end resources already developed.

This design hopes to facilitate penetration testing by facilitating the development of custom implants and reducing the likelihood of implants being detected by defensive solutions.

Although Nuages is functioning, it is still a work in progress and contribution are welcome, whether it is solely testing, or development of new modules and compatible clients.

For testing and reference, an example implant and handler are provided on this repo.

Architecture

Nuages C2: It is the core of the C2 and manages the implants, it is open source and should not need to be customized.

Implants: Custom code to run on the target devices, they can communicate with handlers over custom protocol or directly with the Nuages API.

Handlers: Custom code acting as a proxy between Implants and the Nuages API, to implement custom communication protocols (DNS tunneling, domain fronting, IRC, etc…).

Clients: Clients rely on the Nuages API and can be implemented in any form such as cli or web application.

It is available through REST or socket.io and as such, clients can be implemented in any form.

The following clients are currently available:

• The Nuages_Cli client is the default client to access Nuages, it is available over the command line.
• The Nuages_WebCli client is a browser version of the Nuages_Cli client.

Both these clients were originally developed for development and testing purposes but they are reliable despite the spaghetti code.

Download

git clone https://github.com/p3nt4/Nuages.git

Use

Source: https://github.com/p3nt4/