WolfPack combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale.
APACHE-2.0 License
WolfPack combines the capabilities of Terraform
and Packer
to streamline the deployment of red team redirectors on a large scale. This tool enables security professionals to efficiently scale out the creation and management of Apache redirectors, which mimic authentic websites. These redirectors act as a bridge, seamlessly redirecting incoming traffic to a controlled C2 infrastructure. WolfPack simplifies the process of setting up and configuring these deceptive elements, making it an invaluable asset for security testing and red teaming exercises.
Download the repository:
git clone https://github.com/RoseSecurity-Research/WolfPack.git
Ensure that you have downloaded Packer and Terraform before continuing! This can be simply done using the following methods:
1.) Install Homebrew by entering this command into your terminal application: /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)"
. Then install both packer and terraform via brew:
$ brew tap hashicorp/tap && brew update
$ brew cask install packer
$ brew cask install terraform
To deploy WolfPack, ensure that you have an active AWS profile with credentials within your current terminal session before continuing with the following commands:
$ vim playbooks/apache_install.yaml
Locate the following lines and replace them with the User-Agent
and IP address of your C2 server:
- name: Add .htaccess
copy:
dest: /var/www/.htaccess
content: |
# .htaccess Start
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(GET|POST) [NC]
RewriteCond %{REQUEST_URI} ^/api/v1/2023/(.*)$
# Change the following to the User-Agent for callbacks
RewriteCond %{HTTP_USER_AGENT} "Mozilla/5.0 \(Windows NT 10.0; Win64; x64) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/113.0.0.0 Safari/537.36"
# Change the following to your C2 IP Address
RewriteRule ^.*$ "https://10.8.0.2%{REQUEST_URI}" [P,L]
Deploy the AMI:
$ cd images/redirector
$ packer init
$ packer build .
This will deploy a custom redirector AMI within your AWS account EC2 services.
[!NOTE] This code is undergoing development, so if you encounter any errors or have any enhancement requests, feel free to create an issue on this repository