NorthStarC2 is an open-source command and control framework developed for penetration testing and red teaming purposes by Engin Demirbilek.

NorthStar C2 Framework consists of two applications, a server-side GUI web application for managing sessions and a client-side stager to communicate with C2 server.

Quick Installation

git clone https://github.com/EnginDemirbilek/NorthStarC2.git
cd NorthStarC2/
chmod +x install.sh
sudo ./install.sh

In order to install the NorthStar C2 properly and get the best experience possible, please refer to Wiki page

NorthStarC2 Features

This project is being maintained and updated constantly so make sure to check back for new features and modules! See Roadmap.

Languages and technologies used in the NorthStar C2:
Client-Side: C # .NET
Server-Side: PHP, JS, HTML, CSS

Currently, the client-side application (NorthStar Stager) has the following functions:

Connecting to the C2 Server via HTTP or HTTPS,
Receiving commands from the server-side application and responding to the command via HTTP methods,
Encrypting the communication traffic with XOR and obfuscating it with Base64,
Copying itself to a different directory,
Persistance through start-up folders and schtasks,
Host Reconnaissance : Hostname, Username, Current Privileges, Exec Dir and Process ID,
Privilege Escalation : UAC bypass through eventvwr.exe,
Taking screenshots and saving them into a directory,
Uploading any file to the victim machine,
Downloading any file from the victim machine,
SAM dump via reg save command,
Changing the working directory,
View the files and folders in the directory,
Viewing the contents of the files,
Deleting files,
Send commands directly on cmd.exe.