Home

Awesome

Discord GitHub issues GitHub Repo stars GitHub forks GitHub tag (latest by date) GitHub last commit Twitter Follow <a href="https://bloodhoundgang.herokuapp.com/"> <img src="https://img.shields.io/badge/BloodHound Slack-4A154B?logo=slack&logoColor=white" alt="chat on Bloodhound Slack" /> </a> <a href="https://github.com/specterops#hardhatc2"> <img src="https://img.shields.io/endpoint?url=https%3A%2F%2Fraw.githubusercontent.com%2Fspecterops%2F.github%2Fmain%2Fconfig%2Fshield.json" alt="Sponsored by SpecterOps"/> </a>

HardHat C2

A cross-platform, collaborative, Command & Control framework written in C#, designed for red teaming and ease of use

image

HardHat is a multi-user C# .NET-based command and control (C2) framework designed to aid in red team engagements and penetration testing. It aims to improve quality-of-life during engagements by providing a robust, easy-to-use C2 framework.

HardHat has three main components:

  1. An ASP.NET teamserver
  2. A Blazor .NET client
  3. Built-in C# based implants
  4. Support for 3rd party implants in other languages

Full documentation is available at https://docs.hardhat-c2.net/.

NOTE: HardHat is in an Alpha release; it will have bugs, missing features, and unexpected things will happen. Thank you for trying it, and please report back any issues or missing features so they can be addressed.

Community

Join our Discord community to talk about HardHat C2, programming, red teaming and general cyber security topics. It's also a great place to ask for help, submit bugs or new features, and stay up-to-date on the latest additions.

Code contributions are welcome! Feel free to submit feature requests, pull requests, or send me your ideas on Discord.

Features

Custom Asset Support

Teamserver & Client

image image

Engineers

Getting Started

Installation

Docker

  1. Install Docker and Docker Compose
  2. Run docker compose up -d
    • Optionally, provide HARDHAT_ADMIN_USERNAME and/or HARDHAT_ADMIN_PASSWORD as environment variables; if omitted, the default admin username and randomly generated password will be written to the teamserver logs on first run
  3. Navigate to https://localhost:7096/ in your browser

Manual

  1. Install .NET 7 SDK from Microsoft
  2. Run dotnet run from the .\TeamServer directory to build and start the teamserver
  3. Run dotnet run https://<TEAMSERVER_HOST>:<TEAMSERVER_PORT> from the HardHatC2Client directory
    • For example, assuming your teamserver is running on the same host and default port: dotnet run https://127.0.0.1:5000
  4. Navigate to https://localhost:7096/ in your browser

To configure the teamserver's listening address (i.e., where clients will connect), edit .\TeamServer\Properties\LaunchSettings.json and change "applicationUrl": "https://127.0.0.1:5000" to the desired location and port.

Setup

  1. Login to the client web UI using the username and password set with environment variable or printed to STDOUT by the teamserver
  2. Navigate to the Settings page and create a new user account
    • If successful, a message will appear; you may then login with that account to access the full client

Release Tracking