feat(): init

CHANGELOG

@@ -0,0 +1,3 @@
+## [22.5.20.1220] - 2022-5-20
+### Added
+- Initialize project

RedGuard.go

@@ -0,0 +1,102 @@
+/**
+ * @Author 风起
+ * @contact: [email protected]
+ * @File: RedGuard.go
+ * @Time: 2022/5/4 10:44
+ **/
+
+package main
+
+import (
+	"fmt"
+	"os"
+	"strings"
+
+	"RedGuard/config"
+	"RedGuard/core"
+	"RedGuard/core/parameter"
+	"RedGuard/lib"
+)
+
+var logger = lib.Logger() // logger output model
+
+type C2 struct {
+	Type string //Server interface{}
+}
+
+type c2Action interface {
+	serverInit()
+}
+
+type cobaltStrike struct {
+	action string
+}
+
+// ServerInit CobaltStrike module core method entry
+func (cs *cobaltStrike) serverInit() {
+	cs.action = "CobaltStrike"
+	var (
+		proxy parameter.ProxyConf // Proxy configuration structure
+		cfg   = lib.InitConfig()  // config file object
+		num   int                 // counting variable
+	)
+	// HTTPS Reverse proxy SSL certificate is created
+	lib.InitGenerateSelfSignedCert()
+	for key, value := range map[string]string{
+		"HTTPS": "/",
+		"HTTP":  "/http",
+	} {
+		proxy.Action = key    // Gets the reverse proxy listening port type
+		proxy.Pattern = value // Gets the pattern associated with the listening type
+		proxy.Port = lib.ReadConfig("proxy", fmt.Sprintf("Port_%s", key), cfg)
+		// When num is greater than 0, the main program is called out of the loop
+		if num > 0 {
+			break
+		}
+		num += 1
+		logger.Noticef("HostTarget: %s", lib.ReadConfig("proxy", "HostTarget", cfg))
+		// HTTP reverse proxy
+		go core.ProxyManger(proxy.Action, proxy.Port, proxy.Pattern)
+	}
+	// HTTPS reverse proxy
+	core.ProxyManger(proxy.Action, proxy.Port, proxy.Pattern)
+	// TODO CobaltStrike Core flow control method
+}
+
+func (c2 C2) configInit(args *parameter.Parses) {
+	c2.Type = args.C2Type
+	// Check C2 Server type
+	switch strings.ToLower(c2.Type) {
+	case "cobaltstrike":
+		// CobaltStrike Server initialize method
+		(&cobaltStrike{}).serverInit()
+	}
+	// TODO:Development Pending for other C2 frameworks
+}
+
+func main() {
+	fmt.Println(fmt.Sprintf(config.BANNER, config.VERSION, config.URL)) // output banner information.
+	// Create the tool argument
+	var (
+		parse  parameter.Parses // Basic parameter structure
+		cert   parameter.Cert   // Certificate configuration parameter structure
+		_proxy parameter.Proxy  // Proxy configuration parameter structure
+	)
+	core.CmdParse(&parse, &cert, &_proxy)
+	// Check whether RedGuard has been initialized
+	if num, isExits := lib.CreateConfig(parse.C2Type /* C2 Facility Type */); isExits {
+		switch {
+		case parse.Update:
+			lib.UpdateConfig(&cert, &_proxy) // Update RedGuard Config
+			logger.Notice("RedGuard Configuration file updated successfully!")
+		case parse.IP != "":
+			logger.Noticef("Search ipLookUpHelper: %s", parse.IP)
+			core.IPLookUp(parse.Location /* owning place to be verified */, parse.IP) // Query the location of an IP address
+		case num == 0:
+			// Select different C2 Server modes based on user parameters,default CobaltStrike.
+			(C2{}).configInit(&parse)
+		case num == 1: // Initialization is run for the first time
+			os.Exit(0)
+		}
+	}
+}

RedGuard.log

@@ -0,0 +1,116 @@
+[2022-05-23 10:34:36] [RedGuard/lib.InitGenerateSelfSignedCert] A default SSL certificate is being generated for the reverse proxy...
+[2022-05-23 10:34:36] [main.(*cobaltStrike).serverInit] HostTarget: {"360.net":"http://127.0.0.1:8080","360.com":"https://127.0.0.1:4433"}
+[2022-05-23 10:34:36] [RedGuard/core.ProxyManger] Proxy Listen Port :80 (HTTP)
+[2022-05-23 10:34:36] [RedGuard/core.ProxyManger] Proxy Listen Port :443 (HTTPS)
+[2022-05-23 10:34:57] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /
+[2022-05-23 10:34:57] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] 111.14.218.206 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Edg/101.0.1210.53
+[2022-05-23 10:34:57] [RedGuard/core.(*baseHandle).ServeHTTP] [REDIRECT] Source IP: 111.14.218.206 -> Destination Site: https://360.net
+[2022-05-23 10:35:52] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /
+[2022-05-23 10:35:52] [RedGuard/core.IPLookUp] {
+	"status": "0",
+	"t": "",
+	"set_cache_time": "",
+	"data": [
+		{
+			"ExtendedLocation": "",
+			"OriginQuery": "111.14.218.206",
+			"appinfo": "",
+			"disp_type": 0,
+			"fetchkey": "111.14.218.206",
+			"location": "山东省济南市 移动",
+			"origip": "111.14.218.206",
+			"origipquery": "111.14.218.206",
+			"resourceid": "6006",
+			"role_id": 0,
+			"shareImage": 1,
+			"showLikeShare": 1,
+			"showlamp": "1",
+			"titlecont": "IP地址查询",
+			"tplt": "ip"
+		}
+	]
+}
+[2022-05-23 10:35:52] [RedGuard/core.ProxyFilterManger] [DROP] 111.14.218.206 Does not meet the allowed online geographical restrictions
+[2022-05-23 10:35:52] [RedGuard/core.(*baseHandle).ServeHTTP] [REDIRECT] Source IP: 111.14.218.206 -> Destination Site: https://360.net
+[2022-05-23 10:36:36] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /
+[2022-05-23 10:36:36] [RedGuard/core.ProxyFilterManger] [DROP] 111.14.218.206 request online IP address is not whitelisted
+[2022-05-23 10:36:36] [RedGuard/core.(*baseHandle).ServeHTTP] [REDIRECT] Source IP: 111.14.218.206 -> Destination Site: https://360.net
+[2022-05-23 10:37:14] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /
+[2022-05-23 10:37:14] [RedGuard/core.ProxyFilterManger] [DROP] 111.14.218.206 Requests are made during prohibited periods of time
+[2022-05-23 10:37:14] [RedGuard/core.(*baseHandle).ServeHTTP] [REDIRECT] Source IP: 111.14.218.206 -> Destination Site: https://360.net
+[2022-05-23 10:37:36] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /js/config.js
+[2022-05-23 10:37:36] [RedGuard/core.ProxyFilterManger] [DROP] 111.14.218.206 Requests are made during prohibited periods of time
+[2022-05-23 10:37:36] [RedGuard/core.(*baseHandle).ServeHTTP] [REDIRECT] Source IP: 111.14.218.206 -> Destination Site: https://360.net
+[2022-05-23 10:39:05] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /
+[2022-05-23 10:39:05] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] 198.135.57.147 - 
+[2022-05-23 10:39:05] [RedGuard/core.(*baseHandle).ServeHTTP] [DROP] Source IP: 198.135.57.147
+[2022-05-23 10:39:09] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /
+[2022-05-23 10:39:09] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] 198.135.57.147 - 
+[2022-05-23 10:39:09] [RedGuard/core.(*baseHandle).ServeHTTP] [DROP] Source IP: 198.135.57.147
+[2022-05-23 10:39:09] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /
+[2022-05-23 10:39:10] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] 198.135.57.147 - Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4 240.111 Safari/537.36
+[2022-05-23 10:39:10] [RedGuard/core.(*baseHandle).ServeHTTP] [DROP] Source IP: 198.135.57.147
+[2022-05-23 10:39:10] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /
+[2022-05-23 10:39:10] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] 198.135.57.147 - Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4 240.111 Safari/537.36
+[2022-05-23 10:39:10] [RedGuard/core.(*baseHandle).ServeHTTP] [DROP] Source IP: 198.135.57.147
+[2022-05-23 10:39:16] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /
+[2022-05-23 10:39:16] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] 198.135.57.147 - Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.0 Safari/537.36
+[2022-05-23 10:39:16] [RedGuard/core.(*baseHandle).ServeHTTP] [DROP] Source IP: 198.135.57.147
+[2022-05-23 10:39:50] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /
+[2022-05-23 10:39:50] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] 45.67.223.118 - 
+[2022-05-23 10:39:50] [RedGuard/core.(*baseHandle).ServeHTTP] [DROP] Source IP: 45.67.223.118
+[2022-05-23 10:39:58] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /
+[2022-05-23 10:39:58] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] 45.67.223.118 - 
+[2022-05-23 10:39:58] [RedGuard/core.(*baseHandle).ServeHTTP] [DROP] Source IP: 45.67.223.118
+[2022-05-23 10:39:59] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /
+[2022-05-23 10:39:59] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] 45.67.223.118 - Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4 240.111 Safari/537.36
+[2022-05-23 10:39:59] [RedGuard/core.(*baseHandle).ServeHTTP] [DROP] Source IP: 45.67.223.118
+[2022-05-23 10:40:00] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /
+[2022-05-23 10:40:00] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] 45.67.223.118 - Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4 240.111 Safari/537.36
+[2022-05-23 10:40:00] [RedGuard/core.(*baseHandle).ServeHTTP] [DROP] Source IP: 45.67.223.118
+[2022-05-23 10:40:07] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /
+[2022-05-23 10:40:07] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] 45.67.223.118 - Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:40.0) Gecko/20100101 Firefox/40.0
+[2022-05-23 10:40:07] [RedGuard/core.(*baseHandle).ServeHTTP] [DROP] Source IP: 45.67.223.118
+[2022-05-23 10:47:30] [RedGuard/lib.InitGenerateSelfSignedCert] A default SSL certificate is being generated for the reverse proxy...
+[2022-05-23 10:47:30] [main.(*cobaltStrike).serverInit] HostTarget: {"360.net":"http://127.0.0.1:8080","360.com":"https://127.0.0.1:4433"}
+[2022-05-23 10:47:30] [RedGuard/core.ProxyManger] Proxy Listen Port :80 (HTTP)
+[2022-05-23 10:47:30] [RedGuard/core.ProxyManger] Proxy Listen Port :443 (HTTPS)
+[2022-05-23 10:48:11] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /js/config.js
+[2022-05-23 10:48:11] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] 127.0.0.1 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/53L, like Gecko) Chrome/90.0.4430.212 Safari/537.36
+[2022-05-23 10:50:03] [RedGuard/lib.InitGenerateSelfSignedCert] A default SSL certificate is being generated for the reverse proxy...
+[2022-05-23 10:50:03] [main.(*cobaltStrike).serverInit] HostTarget: {"360.net":"http://127.0.0.1:8080","360.com":"https://127.0.0.1:4433"}
+[2022-05-23 10:50:03] [RedGuard/core.ProxyManger] Proxy Listen Port :443 (HTTPS)
+[2022-05-23 10:50:03] [RedGuard/core.ProxyManger] Proxy Listen Port :80 (HTTP)
+[2022-05-23 10:50:04] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /js/config.js
+[2022-05-23 10:50:04] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] 127.0.0.1 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/53L, like Gecko) Chrome/90.0.4430.212 Safari/537.36
+[2022-05-23 10:50:17] [RedGuard/core.(*baseHandle).ServeHTTP] [DROP] Source IP: 127.0.0.1
+[2022-05-23 10:50:39] [RedGuard/lib.InitGenerateSelfSignedCert] A default SSL certificate is being generated for the reverse proxy...
+[2022-05-23 10:50:39] [main.(*cobaltStrike).serverInit] HostTarget: {"360.net":"http://127.0.0.1:8080","360.com":"https://127.0.0.1:4433"}
+[2022-05-23 10:50:39] [RedGuard/core.ProxyManger] Proxy Listen Port :80 (HTTP)
+[2022-05-23 10:50:39] [RedGuard/core.ProxyManger] Proxy Listen Port :443 (HTTPS)
+[2022-05-23 10:50:47] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /js/config.js
+[2022-05-23 10:50:47] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] 127.0.0.1 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/53L, like Gecko) Chrome/90.0.4430.212 Safari/537.36
+[2022-05-23 10:50:47] [RedGuard/core.(*baseHandle).ServeHTTP] [DROP] Source IP: 127.0.0.1
+[2022-05-23 10:51:36] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /js/config.js
+[2022-05-23 10:51:36] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] 127.0.0.1 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/53L, like Gecko) Chrome/90.0.4430.212 Safari/537.36
+[2022-05-23 10:51:36] [RedGuard/core.(*baseHandle).ServeHTTP] [DROP] Source IP: 127.0.0.1
+[2022-05-23 10:51:41] [RedGuard/lib.InitGenerateSelfSignedCert] A default SSL certificate is being generated for the reverse proxy...
+[2022-05-23 10:51:41] [main.(*cobaltStrike).serverInit] HostTarget: {"360.net":"http://127.0.0.1:8080","360.com":"https://127.0.0.1:4433"}
+[2022-05-23 10:51:41] [RedGuard/core.ProxyManger] Proxy Listen Port :443 (HTTPS)
+[2022-05-23 10:51:41] [RedGuard/core.ProxyManger] Proxy Listen Port :80 (HTTP)
+[2022-05-23 10:51:42] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /js/config.js
+[2022-05-23 10:51:42] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] 127.0.0.1 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/53L, like Gecko) Chrome/90.0.4430.212 Safari/537.36
+[2022-05-23 10:51:42] [RedGuard/core.(*baseHandle).ServeHTTP] [DROP] Source IP: 127.0.0.1
+[2022-05-23 11:03:06] [RedGuard/lib.InitGenerateSelfSignedCert] A default SSL certificate is being generated for the reverse proxy...
+[2022-05-23 11:03:06] [main.(*cobaltStrike).serverInit] HostTarget: {"360.net":"http://127.0.0.1:8080","360.com":"https://127.0.0.1:4433"}
+[2022-05-23 11:03:06] [RedGuard/core.ProxyManger] Proxy Listen Port :80 (HTTP)
+[2022-05-23 11:03:06] [RedGuard/core.ProxyManger] Proxy Listen Port :443 (HTTPS)
+[2022-05-23 11:03:08] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /js/config.js
+[2022-05-23 11:03:08] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] 127.0.0.1 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/53L, like Gecko) Chrome/90.0.4430.212 Safari/537.36
+[2022-05-23 11:03:08] [RedGuard/core.(*baseHandle).ServeHTTP] [DROP] Source IP: 127.0.0.1
+[2022-05-23 11:03:26] [RedGuard/lib.InitGenerateSelfSignedCert] A default SSL certificate is being generated for the reverse proxy...
+[2022-05-23 11:03:26] [main.(*cobaltStrike).serverInit] HostTarget: {"360.net":"http://127.0.0.1:8080","360.com":"https://127.0.0.1:4433"}
+[2022-05-23 11:03:26] [RedGuard/core.ProxyManger] Proxy Listen Port :80 (HTTP)
+[2022-05-23 11:03:26] [RedGuard/core.ProxyManger] Proxy Listen Port :443 (HTTPS)
+[2022-05-23 11:03:27] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] GET /js/config.js
+[2022-05-23 11:03:27] [RedGuard/core.(*baseHandle).ServeHTTP] [REQUEST] 127.0.0.1 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/53L, like Gecko) Chrome/90.0.4430.212 Safari/537.36

cert-rsa/ca.crt

@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIEFTCCAv2gAwIBAgIIFvGc286sybwwDQYJKoZIhvcNAQELBQAwZjELMAkGA1UE
+BhMCQ04xETAPBgNVBAcTCEhhbmdaaG91MS0wKwYDVQQKEyRBbGliYWJhIChDaGlu
+YSkgVGVjaG5vbG9neSBDby4sIEx0ZC4xFTATBgNVBAMMDCouYWxpeXVuLmNvbTAe
+Fw0yMjA1MjMwMzAzMjZaFw0yMzA1MjMwMzAzMjZaMGYxCzAJBgNVBAYTAkNOMREw
+DwYDVQQHEwhIYW5nWmhvdTEtMCsGA1UEChMkQWxpYmFiYSAoQ2hpbmEpIFRlY2hu
+b2xvZ3kgQ28uLCBMdGQuMRUwEwYDVQQDDAwqLmFsaXl1bi5jb20wggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5OppFjIh2aKOBgUBzW0HKeg1t0Nzq/HaE
+QAMNvMBUHXjJL7jKEXpXo6ylGYie3ItTZN6x4aYLH8kjwhMJKilAHn4vQM1CAx0k
+JGcAz15RSICYRGG8tYn3hApXMZqJpB8IXpt+e4aoxJVSZwR+YljtwiuzN8MWhHxW
+nkhYxKi+IVL5TZ6QD/8QG4PU+zjO9osAH6NLI1eXDwng3iDs776TaQVkwew1Qpzv
+IAvjw81t30fETBcUX2P0Fge0DnvWaoSNEk9A9t2Pdi0uAmTgfaxAFz1HdGrCfJGH
+IFBy+ieKdveG2F29ydZhsRjTQYUfIRDQ8s1HLQxw1f8KT41vnj69AgMBAAGjgcYw
+gcMwDgYDVR0PAQH/BAQDAgKkMBMGA1UdJQQMMAoGCCsGAQUFBwMBMIGbBgNVHREE
+gZMwgZCCDCouYWxpeXVuLmNvbYIabWFuYWdlci5jaGFubmVsLmFsaXl1bi5jb22C
+HCouYWNzLWludGVybmFsLmFsaXl1bmNzLmNvbSKCFCouY29ubmVjdC5hbGl5dW4u
+Y29tggphbGl5dW4uY29tghB3aG9pcy53d3cubmV0LmNughJ0aWFuY2hpLWdsb2Jh
+bC5jb20wDQYJKoZIhvcNAQELBQADggEBABwc43OobML5fyDq1+N7c49V3LenFXPx
+pMABhFG0Ln2AtkVgQ6w6a8qPa6/gc11XgTepqD5np2HdYtb6A5hAcNAYeLrF97pV
+Vo6JWgNJGD1Jh0n5kFo8e07VdNRQ/OLvA/wQNlZo3uAkqiNufc1pWJyGq7L+ALrE
+Uvvu67NoAg01MNbr0yluEYSX/rT+RuaJP1IeerrwujZ9Mp+EGgakqXpXmr8NB7EJ
+Po8eDyF8mZ8eg2aiopDR/s3be1FSW+czBy5Q0HWHAHO0bB9AB83D21N5sVZp4qOK
+Edf13JfJ9kUfjj13E3mJrBqJ1+RtjHxL2YZEWtib1Hwhj1/yDNkCryc=
+-----END CERTIFICATE-----

cert-rsa/ca.key

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAuTqaRYyIdmijgYFAc1tBynoNbdDc6vx2hEADDbzAVB14yS+4
+yhF6V6OspRmIntyLU2TeseGmCx/JI8ITCSopQB5+L0DNQgMdJCRnAM9eUUiAmERh
+vLWJ94QKVzGaiaQfCF6bfnuGqMSVUmcEfmJY7cIrszfDFoR8Vp5IWMSoviFS+U2e
+kA//EBuD1Ps4zvaLAB+jSyNXlw8J4N4g7O++k2kFZMHsNUKc7yAL48PNbd9HxEwX
+FF9j9BYHtA571mqEjRJPQPbdj3YtLgJk4H2sQBc9R3RqwnyRhyBQcvoninb3hthd
+vcnWYbEY00GFHyEQ0PLNRy0McNX/Ck+Nb54+vQIDAQABAoIBAQCXj80V5YTvpnVL
+jXAoM96kh7QfTEzH9mYflqUpA244JZlkvaitpxl9Ro8I1NjGbF2QkjPqR2HvLkYN
+/UpIMHhqX8kOby7EufmJTkP+FK/vQK0AasuydrT6k89GQ29Y+rLtzUPcfcTUqW4p
+a+PwahasDTpmvdTiwutekMtP3zLXxtZGPlyAQrX/H0sWfz2yXTtEUiRqwb9tKqeY
+UyJj3f4diTvWu/Pa6MNZsT0YabfkzaQt8K/Mi1xBAxVXpWT28Q4fli7/1/ACzPQR
+deEhuGc0GViv4Kn5EnUWi/96uQP4oDyXdMGWSbIt4zcdrN/A9o1MTkbJSkj5uX/7
+YtxuSeZhAoGBANVBJ30WWjiFSusXY1EEB7mz+qJ/e+0B7MQbL+86pI3Kg8yUHy/I
+u1Kb8vGWmImgXqs/bRgNcBGCNhaMpI72tTFGouMAjW17IqGK4611aS9lN0EeeSOd
+yppyNNXMz6FLdaWOcuhX36acs0oyr+y9KIjYSAaDpVieNR0RkC5oHW5ZAoGBAN5b
+WxMPYVCKvekeoD6X8EGa+8IHY48xpnyU02JVNx3OVgIVG88GED9PMlwceK598pt2
+Epk0IOeYAcv4rbnZUOMV6XSAMjbQIuBRvVwSXnbduiN7SCNnB/iJqQMWmTVkdJIK
+zEr1Pqr+xdLcuEarM2zncK1+LLS8CnfhymeQdu8FAoGARB10hILQPH9ux5qH0YfN
+A+bV5nN73N8hhh38+JetmdCWupCRSYz/MEq5lar5e/QqaN5wdR9NrXn+1sMDiNqK
+U3vxaTpy8gZDsH+Ra4U2HLpipL0cCmFLJnvWHng11ZopsMDIOShgOnKQ3eFEygQ9
+X0Bd+R6xgJW/91H10KzWwbkCgYALU0fePqhMO+TUXNT4mzCHhudPyKSPhI3gRoxF
+s+VsxTeoP379Gmf1cYk1G9YhvRSASpFD8F3Erf9Zbj8a+jCegF01q9ni5NMB7efh
+KqZZE44JhJv2AadsR0aue5YuHAG79oTVRIx+lR9qUAeqwcmKwHcCvyxzwCggVwXC
+JJ+KKQKBgHhQHAlGocYw89t5VvXMq9Ob7HjMOcAoB/5U++1YJRe6HI+QRYVwAB/D
+AZlFljjdBaQFcVWmeKVF8f+JaNzY+AsfiTQ8vmfpTNubRsIW+lTkoHzaKAr0tds2
+6vcD+UwbKOXTvpQ4aofM58EUswGhl+kVupddPRX2PC5YI+vzBwcB
+-----END RSA PRIVATE KEY-----

config/RedGuard_CobaltStrike.go

@@ -0,0 +1,37 @@
+package config
+
+var RedGuardConfig = `
+[cert]
+# User Optional name
+DNSName      = *.aliyun.com,manager.channel.aliyun.com,*.acs-internal.aliyuncs.com",*.connect.aliyun.com,aliyun.com,whois.www.net.cn,tianchi-global.com
+# Cert User CommonName
+CommonName   = *.aliyun.com
+# Cert User Locality
+Locality     = HangZhou
+# Cert User Organization
+Organization = Alibaba (China) Technology Co., Ltd.
+# Cert User Country
+Country      = CN
+
+[proxy]
+# key   : Header Host value of the reverse proxy
+# value : The actual address forwarded by the reverse proxy
+HostTarget    = {"360.net":"http://127.0.0.1:8080","360.com":"https://127.0.0.1:4433"}
+# HTTPS Reverse proxy port
+Port_HTTPS    = :443
+# HTTP Reverse proxy port
+Port_HTTP     = :80
+# Determines whether to intercept intercepted traffic default false / true
+DROP          = false
+# URL to redirect to
+Redirect      = https://360.net
+# IP address owning restrictions example:AllowLocation = 山东,上海,杭州 or shanghai,beijing
+AllowLocation = *
+# Whitelist list example: AllowIP = 172.16.1.1,192.168.1.1
+AllowIP       = *
+# Limit the time of requests example: AllowTime = 8:00 - 16:00
+AllowTime     = *
+# C2 Malleable File Path
+MalleableFile = *
+
+`

config/version.go

@@ -0,0 +1,31 @@
+/**
+ * @Author 风起
+ * @contact: [email protected]
+ * @File: version.go
+ * @Time: 2022/5/5 9:25
+ **/
+
+package config
+
+const (
+	BANNER = `
+	
+██████╗ ███████╗██████╗    ██████╗ ██╗   ██╗ █████╗ ██████╗ ██████╗ 
+██╔══██╗██╔════╝██╔══██╗  ██╔════╝ ██║   ██║██╔══██╗██╔══██╗██╔══██╗
+██████╔╝█████╗  ██║  ██║  ██║  ███╗██║   ██║███████║██████╔╝██║  ██║
+██╔══██╗██╔══╝  ██║  ██║  ██║   ██║██║   ██║██╔══██║██╔══██╗██║  ██║
+██║  ██║███████╗██████╔╝  ╚██████╔╝╚██████╔╝██║  ██║██║  ██║██████╔╝  -V %s
+╚═╝  ╚═╝╚══════╝╚═════╝    ╚═════╝  ╚═════╝ ╚═╝  ╚═╝╚═╝  ╚═╝╚═════╝ 
+
+Github:%s
+
+RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.
+`
+	VERSION   = "22.5.20.1220 Alpha"
+	TITLE     = "RedGuard"
+	LICENSE   = "GPL-2.0"
+	URL       = "https://github.com/wikiZ/RedGuard"
+	AUTHOR    = "风起"
+	TEAM      = "0/00"
+	COPYRIGHT = "Copyright (C) 2022 风起. All Rights Reserved"
+)