Home
Welcome to the Wiki for SpecterPoint. From here on out, this wiki will be used to document the development process, thought processes, reference materials, etc. This Wiki is meant for readers of all kinds, but be warned, there may be items that range from very technical to not so technical.
This Wiki is intended for anyone who is interested in this project or just looking through some of the concepts that are covered by this Wiki. Our best effort will be put in when describing concepts, but may lead to tangents. The idea is not to make this some AI-generated text. It is to be written as part of the effort to develop, and with that in mind may lead to some not so great reading. Apologies in advance, but perhaps once the Wiki is complete, it can be revisited and polished.
To re-iterate what is present in the README.md of the project...
The developers of SpecterPoint hereby declare that they are not responsible for any potential cyber attacks or unauthorized activities that may occur as a result of individuals or entities utilizing the knowledge, techniques, or tools acquired from this project. SpecterPoint is intended solely for research, educational, and defensive purposes in the field of cybersecurity.
Users of SpecterPoint are expected to adhere to all applicable laws, regulations, and ethical guidelines governing the use of cybersecurity tools and techniques. The developers shall not be held liable for any misuse, illegal activities, or damages arising from the misuse of the information or tools provided within the scope of SpecterPoint.
By accessing, using, or participating in the SpecterPoint project, users agree to assume all risks and responsibilities associated with their actions and acknowledge that the developers bear no liability for any consequences thereof. It is the sole responsibility of users to ensure that their activities are conducted in a legal, ethical, and responsible manner.
The idea of creating a C2 came along the lines of: what project can someone create that is not super basic like a calculator, but has that cybersecurity twist that some love in software engineering? Personally, meshing software and security has always been a passion of mine. Nothing like understanding security through development or reverse engineering!
Now, before we dive into the idea of coding a C2, we should look at some of the basics, or even take a step back further from that. When thinking C2, what do we think? Personally and based on my opinion, a C2 is just like any sort of API that we see in our everyday lives, except it can be used for malicious intent (not the goal of this project). Clients can send requests to servers, the servers action something in their backend, and it can affect other clients (or agents).
Perhaps we can even view it as a malicious publish and subscribe... clients can publish or subscribe to servers, send or receive events, and so can the agents. There are many ways we can interpret how we view a C2 and I don't believe there is anything wrong with that. At the end of the day, it's whether or not you understand the concept and how to protect against it.