Skip to content

Redcrox is a browser extension for command & control and browser reconnaissance. Captures keystrokes, cookies, and more via a self-hosted panel. Supports Chrome & Firefox.

License

Notifications You must be signed in to change notification settings

BEND0US/redcrox

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Redcrox – Browser Extension for Command & Control (Chromium / Firefox)

Redcrox is a browser extension built for browser-based command & control and reconnaissance. It supports both Chromium-based browsers (Chrome, Edge, etc.) and Firefox. Redcrox collects browser data such as keystrokes, cookies, history, clipboard content, and more — all manageable through a secure, self-hosted panel with command-based control over connected clients.

⚠️ This tool is intended strictly for educational purposes, research, and authorized security assessments. Unauthorized use is strictly prohibited.


🚀 Features

Redcrox includes multiple telemetry modules and actions, triggered via the web-based admin panel:

  • Keylogger – Logs keystrokes with associated URL and page title
  • Form Input Capture – Extracts submitted form fields
  • Cookie Collection – Gathers available cookies from active pages
  • Screenshot Capture – Triggers a snapshot of the browser view
  • History & Bookmark Dump – Reads browsing history and saved bookmarks
  • Download History – Lists recent downloads
  • Clipboard Monitoring – Captures clipboard text
  • System Info Collection – Gathers OS, architecture, and browser info
  • Download Intercept – Replaces downloads based on file extension

🧩 Architecture

Redcrox is composed of three core components:

  • Server (Go): Handles client communication, stores data in SQLite, and provides a browser-based admin panel.
  • Chromium Extension: Built using Manifest V3 APIs; collects data via content scripts and background service worker.
  • Firefox Extension: WebExtension-compatible version with the same capabilities as the Chrome variant.
+---------------------------+        +-------------------+        +--------------------+
|  Browser (Redcrox Ext.)  | <────> |   Redcrox Server   | <────> |   SQLite Database   |
+---------------------------+        +-------------------+        +--------------------+
            ▲                                        │
            │                                        ▼
      Command Flow                          Admin Web Panel

📥 Installation

Server Setup

go install [email protected] # or later
git clone https://github.com/BEND0US/redcrox.git
cd redcrox/server
go mod init redcrox-server
go build
./redcrox-server

Admin panel will be available at: http://localhost:8080

🔐 Note: The default admin password is password. You should change it immediately after your first login to ensure the security of the admin panel.

Extension Setup

Chrome

  1. Open chrome://extensions/
  2. Enable Developer Mode
  3. Load unpacked → Select chrome/

Firefox

  1. Go to about:debugging#/runtime/this-firefox
  2. Load Temporary Add-on → Select firefox/manifest.json

📊 Web Interface

Clients Commands Download Intercept Builder

⚙️ Usage Examples

✅ Trigger modules for a connected client:

  • Log in to the admin panel
  • Select a client from the dashboard
  • Send available commands (screenshot, history, etc.)

✅ Monitor all collected data in the admin panel:

  • Access keystrokes, clipboard data, cookies, history, and more from a single interface
  • Filter, view, and manage data in real time across all connected clients

✅ Intercept .exe downloads:

  • Configure interception rule in the panel
  • Replace requested file with custom URL

📦 Output & Logging

All captured data is stored per-client under the SQLite database. Examples:

  • Keylogger
  • Form submissions (username/password)
  • Screenshots
  • Clipboard content
  • History
  • Bookmark
  • Download History
  • Cookies
  • Browser and OS metadata

⚠️ Legal Disclaimer

Redcrox is developed for ethical security research and authorized red teaming engagements only. You are solely responsible for how this tool is used. Misuse or unauthorized deployment may violate local, national, or international laws.

The authors disclaim any responsibility for misuse.

By using this project, you agree to operate within legal and ethical boundaries.


📄 License

This project is licensed under the MIT License. Usage must always comply with applicable laws and regulations.


👤 Author

Created by BEND0US

About

Redcrox is a browser extension for command & control and browser reconnaissance. Captures keystrokes, cookies, and more via a self-hosted panel. Supports Chrome & Firefox.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published