Covenant-KBX
.NET command and control framework that highlights the attack surface of .NET and facilitates offensive .NET tradecraft. Provides a web-based interface for multi-user collaboration in red team operations.
Description
Covenant-KBX is a .NET command and control (C2) framework designed to expose the attack surface of .NET applications while simplifying the use of offensive .NET techniques. It serves as a collaborative platform for red teamers, enabling coordinated operations through its ASP.NET Core web interface.
The tool supports cross-platform deployment and multi-user access, making it suitable for team-based penetration testing and adversary emulation exercises. Covenant emphasizes ease of use for .NET-specific offensive operations, lowering the barrier for security professionals working with .NET environments.
As a Kali Linux package, it integrates seamlessly into red team workflows, providing a robust C2 infrastructure for maintaining persistence and executing post-exploitation activities in .NET-heavy target environments.
How It Works
Covenant-KBX is an ASP.NET Core cross-platform application that runs as a web service, providing a browser-based interface for C2 operations. It uses Docker for containerized deployment via kaboxer, ensuring isolated execution environments. The framework manages .NET implants/grunts that communicate with the Covenant server over HTTP/S protocols, enabling tasking, file transfer, and lateral movement capabilities typical of modern C2 frameworks.
Installation
sudo apt install covenant-kbxFlags
Examples
covenant-kbx -hcovenant-kbx startcovenant-kbx stopsudo apt install covenant-kbxcovenant-kbx statusdocker ps