Back to projects

URZA-C2 Framework

Python
Django
Next.js
TypeScript
PostgreSQL
WebSockets
Quart
Hypercorn
Tailwind CSS
.NET Scripting
Detailed screenshot of URZA-C2 Framework project showing the interface and key features

Project Overview

A comprehensive offensive security platform integrating a Django backend, Next.js frontend, and a Python-based C2 engine. URZA-C2 enables controlled security testing with dynamic module compilation, secure communications, and an intuitive dashboard accessible to both technical and non-technical users.

System Architecture

Architecture diagram for URZA-C2 Framework showing system components and their interactions

Components

URZA C2 Engine

Location: urza/ directory

The core engine responsible for handling listeners, stagers, sessions, modules, and secure communication. It manages the lifecycle of the TeamServer and Client processes, ensuring efficient and secure operations.

Django Backend

Location: django-urza-backend/ directory

Acts as the API layer, handling user authentication, role-based access control, process orchestration (start/stop TeamServer and Client), and providing endpoints for the frontend to interact with the C2 engine.

Next.js Frontend

Location: next-urza-frontend/frontend/ directory

Delivers a responsive and intuitive user interface for administrators to manage users, control the TeamServer and Client processes, monitor logs, and perform various C2 operations through seamless API interactions.

Key Features

  • Multi-user and multi-server support with real-time communications via WebSockets
  • Fully modular framework where listeners, modules, stagers, and C2 channels can be customized
  • Dynamic evaluation/compilation using embedded .NET scripting languages for implant tasks
  • Role-based access control with secure authentication via Django backend
  • Responsive and intuitive dashboard interface accessible to both technical and non-technical users
View Source Code

Command Palette