Smart ASGI redirector for red team C2, phishing, and payload delivery infrastructure. Runs in front of any C2 or phishing server — validates inbound traffic, blocks scanners and sandboxes, and presents cover content to unwanted visitors.
What InfraGuard Does#
- Redirects — proxies legitimate beacon/target traffic to your C2 or phishing backend
- Filters — blocks scanners, sandboxes, analysts, and threat intel crawlers before they reach the backend
- Covers — serves believable decoy content to anyone who fails filtering
- Tracks — records every request with filter result and score for post-op review
- Alerts — dispatches real-time events to Discord, Slack, or syslog via plugins
Supported Backends#
| Category | Frameworks |
|---|---|
| C2 | Cobalt Strike, Mythic, Brute Ratel C4, Sliver, Havoc, Nighthawk, PoshC2 |
| Phishing | GoPhish, Evilginx, CuddlePhish, Phishing.club |
| Payload delivery | Mythic file store, PwnDrop, local filesystem, HTTP proxy (RedFile, nginx) |
Quick Links#
Get Started
Configure
Reference