Tempest: A command and control framework written in Rust
Tempest
Tempest is a command and control framework written in 100% Rust.
TEMPEST COMPONENTS:
anvil – server
- 2 servers with APIs. All APIs are authenticated and unauth-discovery resistent.
- sqlite local database
- internal functions (building imps, generating shellcode, etc…)
- linux based
conduit – hacker client
- Terminal User Interface (TUI)
- “Realtime” dashboard display
- portable, runs completely in terminal
- cross-platform
imps – beacons/agents/implants
windows features:
- AES encrypted comms over TLS
- OPSEC focused, feature rich (no bloat)
- remote process injection
- bof support
- .DOTNET executable support
- WMI
- TEB walk “noldr”
linux/mac:
- functional POC agents currently available.
- roadmapped for further development
Roadmap
- implement kerberos modules
- harden auth between conduit client and anvil server (SSH key auth over TLS in dev)
- additional protocols for communications between server and implants (websockets in dev)
- peer to peer communications for implants over additional protocols
- enhanced socks proxy and multiplayer sessions handling
- templated implant builds with modular options
- evasion for linux and mac implants
- process injections – 1 custom injection I wrote based on a combination and modification of existing techniques, so far released. more to come.
- custom credential harvesting. in progress. early PoCs complete. will add
- AI support modules (may release as seperate libraries/crates)
- logging for command and output history (conduit side).
- options for comms and listener start/stop
