• Stars
    star
    607
  • Rank 73,845 (Top 2 %)
  • Language
    Python
  • License
    MIT License
  • Created about 5 years ago
  • Updated 6 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Overlord - Red Teaming Infrastructure Automation

Overlord – Red Teaming Automation

License Black Hat Arsenal 2020 GitHub stars

Overlord provides a python-based console CLI which is used to build Red Teaming infrastructure in an automated way. The user has to provide inputs by using the tool’s modules (e.g. C2, Email Server, HTTP web delivery server, Phishing server etc.) and the full infra / modules and scripts will be generated automatically on a cloud provider of choice. Currently supports AWS and Digital Ocean. The tool is still under development and it was inspired and uses the Red-Baron Terraform implementation found on Github.

A demo infrastructure was set up in our blog post https://qsecure.com.cy/resources/publications/overlord/.

For the full documentation of the tool visit the Wiki tab at https://github.com/qsecure-labs/overlord/wiki.

Installation

git clone https://github.com/qsecure-labs/overlord.git
cd overlord/config
chmod +x install.sh
sudo ./install.sh

Acknowledgments

This project could not be created without the awsome work for Marcello Salvati @byt3bl33d3r with the RedBaron Project. That is the reason why we are referencing the name of RedBaron on our project as well.

As Marcello stated on his acknowledgments, further thanks to:

  1. @_RastaMouse's two-part blogpost on 'Automated Red Team Infrastructure Deployment with Terraform' Part 1 and 2
  2. @bluscreenofjeff's with his amazing Wiki on Read Team Infrastucture
  3. @spotheplanet's blog post on Red team infrastructure

Official Discord Channel

Come hang out on Discord!

Porchetta Industries

Disclaimer

Overlord comes without warranty and is meant to be used by penetration testers during approved red teaming assessments and/or social enigneering assessments. Overlord's developers and QSecure decline all responsibility in case the tool is used for malicious purposes or in any illegal context.