Red Team exploitation framework




multi-purpose Red Team Assessment access and exploitation framework for exploitation C2, backdooring and defense mechanism evasion purposes on restricted enviroments


This project is at an early stage of development. Please feel free to contact me for collaboration.


  • modular: each malware is generated with a (simple) python3 module, similar to msfconsole, which in turn, contains the handler, where the connections of the received agents will automatically arrive.
  • Dockerized: Easy to use! Deploy server/ in any VPS, access from any device or situation!
  • Elasticsearch + Kibana: the output of the commands executed in broadcast will be stored in the database in order to be able to analyze them or to have a holistic view on the indexed agents due to kibana, in addition, backvenom will check at each restart if it has to execute any listener indexed in the DB
  • Multiple Listeners: DNS, ICMP…
  • Multiple Clients: API, CLI, GUI, Telegram…

Malware Module structure

  1. MalwareHandler(ABC)
  • Handle a client connection given socket writer/reader
  1. MalwareGenerator(ABC)
  • This class generate malware and returns binary w/ given options

linux/test example module

search test
use linux/test
show options
set rhost ...
set lhost ...

The RedTeam is a github repository by Eduardo