Repository: RedTeamOperations/Red-Infra-Craft
Branch: main
Commit: 25bfa7a5a883
Files: 31
Total size: 121.8 KB

Directory structure:
gitextract_pfekmv1c/

├── LICENSE
├── README.md
├── html/
│   ├── EvilGinx.html
│   ├── Full_Infra.html
│   ├── GoPhish.html
│   ├── Mythic_C2.html
│   ├── Mythic_C2_with_ELB.html
│   └── pwndrop.html
├── infra_deployment_guide/
│   ├── AWS/
│   │   ├── assets/
│   │   │   └── test
│   │   └── readme.md
│   ├── Azure/
│   │   └── readme.md
│   └── GCP/
│       └── readme.md
└── redinfracraft/
    ├── Terraform/
    │   ├── AWS/
    │   │   ├── AWS_Evilginx_Phishing_Server/
    │   │   │   └── main.tf
    │   │   ├── AWS_GoPhish_Phishing_Server/
    │   │   │   └── main.tf
    │   │   ├── AWS_Mythic_C2/
    │   │   │   └── main.tf
    │   │   ├── AWS_Mythic_C2_with_CloudFront/
    │   │   │   └── main.tf
    │   │   └── AWS_Pwndrop_Payload_Server/
    │   │       └── main.tf
    │   ├── Azure/
    │   │   ├── Azure_Evilginx_Phishing_Server/
    │   │   │   ├── main.tf
    │   │   │   └── script.sh
    │   │   ├── Azure_GoPhish_Phishing_Server/
    │   │   │   ├── main.tf
    │   │   │   └── script.sh
    │   │   ├── Azure_Mythic_C2/
    │   │   │   ├── main.tf
    │   │   │   └── script.sh
    │   │   ├── Azure_Mythic_C2_with_Frontdoor/
    │   │   │   ├── main.tf
    │   │   │   └── script.sh
    │   │   └── Azure_Pwndrop_Payload_Server/
    │   │       ├── main.tf
    │   │       └── script.sh
    │   ├── GCP/
    │   │   └── GCP_Mythic_C2_with_ELB/
    │   │       ├── mythic.tf
    │   │       └── script.sh
    │   └── terraform.auto.tfvars
    └── redinfracraft.py

================================================
FILE CONTENTS
================================================

================================================
FILE: LICENSE
================================================
                                 Apache License
                           Version 2.0, January 2004
                        http://www.apache.org/licenses/

   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION

   1. Definitions.

      "License" shall mean the terms and conditions for use, reproduction,
      and distribution as defined by Sections 1 through 9 of this document.

      "Licensor" shall mean the copyright owner or entity authorized by
      the copyright owner that is granting the License.

      "Legal Entity" shall mean the union of the acting entity and all
      other entities that control, are controlled by, or are under common
      control with that entity. For the purposes of this definition,
      "control" means (i) the power, direct or indirect, to cause the
      direction or management of such entity, whether by contract or
      otherwise, or (ii) ownership of fifty percent (50%) or more of the
      outstanding shares, or (iii) beneficial ownership of such entity.

      "You" (or "Your") shall mean an individual or Legal Entity
      exercising permissions granted by this License.

      "Source" form shall mean the preferred form for making modifications,
      including but not limited to software source code, documentation
      source, and configuration files.

      "Object" form shall mean any form resulting from mechanical
      transformation or translation of a Source form, including but
      not limited to compiled object code, generated documentation,
      and conversions to other media types.

      "Work" shall mean the work of authorship, whether in Source or
      Object form, made available under the License, as indicated by a
      copyright notice that is included in or attached to the work
      (an example is provided in the Appendix below).

      "Derivative Works" shall mean any work, whether in Source or Object
      form, that is based on (or derived from) the Work and for which the
      editorial revisions, annotations, elaborations, or other modifications
      represent, as a whole, an original work of authorship. For the purposes
      of this License, Derivative Works shall not include works that remain
      separable from, or merely link (or bind by name) to the interfaces of,
      the Work and Derivative Works thereof.

      "Contribution" shall mean any work of authorship, including
      the original version of the Work and any modifications or additions
      to that Work or Derivative Works thereof, that is intentionally
      submitted to Licensor for inclusion in the Work by the copyright owner
      or by an individual or Legal Entity authorized to submit on behalf of
      the copyright owner. For the purposes of this definition, "submitted"
      means any form of electronic, verbal, or written communication sent
      to the Licensor or its representatives, including but not limited to
      communication on electronic mailing lists, source code control systems,
      and issue tracking systems that are managed by, or on behalf of, the
      Licensor for the purpose of discussing and improving the Work, but
      excluding communication that is conspicuously marked or otherwise
      designated in writing by the copyright owner as "Not a Contribution."

      "Contributor" shall mean Licensor and any individual or Legal Entity
      on behalf of whom a Contribution has been received by Licensor and
      subsequently incorporated within the Work.

   2. Grant of Copyright License. Subject to the terms and conditions of
      this License, each Contributor hereby grants to You a perpetual,
      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
      copyright license to reproduce, prepare Derivative Works of,
      publicly display, publicly perform, sublicense, and distribute the
      Work and such Derivative Works in Source or Object form.

   3. Grant of Patent License. Subject to the terms and conditions of
      this License, each Contributor hereby grants to You a perpetual,
      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
      (except as stated in this section) patent license to make, have made,
      use, offer to sell, sell, import, and otherwise transfer the Work,
      where such license applies only to those patent claims licensable
      by such Contributor that are necessarily infringed by their
      Contribution(s) alone or by combination of their Contribution(s)
      with the Work to which such Contribution(s) was submitted. If You
      institute patent litigation against any entity (including a
      cross-claim or counterclaim in a lawsuit) alleging that the Work
      or a Contribution incorporated within the Work constitutes direct
      or contributory patent infringement, then any patent licenses
      granted to You under this License for that Work shall terminate
      as of the date such litigation is filed.

   4. Redistribution. You may reproduce and distribute copies of the
      Work or Derivative Works thereof in any medium, with or without
      modifications, and in Source or Object form, provided that You
      meet the following conditions:

      (a) You must give any other recipients of the Work or
          Derivative Works a copy of this License; and

      (b) You must cause any modified files to carry prominent notices
          stating that You changed the files; and

      (c) You must retain, in the Source form of any Derivative Works
          that You distribute, all copyright, patent, trademark, and
          attribution notices from the Source form of the Work,
          excluding those notices that do not pertain to any part of
          the Derivative Works; and

      (d) If the Work includes a "NOTICE" text file as part of its
          distribution, then any Derivative Works that You distribute must
          include a readable copy of the attribution notices contained
          within such NOTICE file, excluding those notices that do not
          pertain to any part of the Derivative Works, in at least one
          of the following places: within a NOTICE text file distributed
          as part of the Derivative Works; within the Source form or
          documentation, if provided along with the Derivative Works; or,
          within a display generated by the Derivative Works, if and
          wherever such third-party notices normally appear. The contents
          of the NOTICE file are for informational purposes only and
          do not modify the License. You may add Your own attribution
          notices within Derivative Works that You distribute, alongside
          or as an addendum to the NOTICE text from the Work, provided
          that such additional attribution notices cannot be construed
          as modifying the License.

      You may add Your own copyright statement to Your modifications and
      may provide additional or different license terms and conditions
      for use, reproduction, or distribution of Your modifications, or
      for any such Derivative Works as a whole, provided Your use,
      reproduction, and distribution of the Work otherwise complies with
      the conditions stated in this License.

   5. Submission of Contributions. Unless You explicitly state otherwise,
      any Contribution intentionally submitted for inclusion in the Work
      by You to the Licensor shall be under the terms and conditions of
      this License, without any additional terms or conditions.
      Notwithstanding the above, nothing herein shall supersede or modify
      the terms of any separate license agreement you may have executed
      with Licensor regarding such Contributions.

   6. Trademarks. This License does not grant permission to use the trade
      names, trademarks, service marks, or product names of the Licensor,
      except as required for reasonable and customary use in describing the
      origin of the Work and reproducing the content of the NOTICE file.

   7. Disclaimer of Warranty. Unless required by applicable law or
      agreed to in writing, Licensor provides the Work (and each
      Contributor provides its Contributions) on an "AS IS" BASIS,
      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
      implied, including, without limitation, any warranties or conditions
      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
      PARTICULAR PURPOSE. You are solely responsible for determining the
      appropriateness of using or redistributing the Work and assume any
      risks associated with Your exercise of permissions under this License.

   8. Limitation of Liability. In no event and under no legal theory,
      whether in tort (including negligence), contract, or otherwise,
      unless required by applicable law (such as deliberate and grossly
      negligent acts) or agreed to in writing, shall any Contributor be
      liable to You for damages, including any direct, indirect, special,
      incidental, or consequential damages of any character arising as a
      result of this License or out of the use or inability to use the
      Work (including but not limited to damages for loss of goodwill,
      work stoppage, computer failure or malfunction, or any and all
      other commercial damages or losses), even if such Contributor
      has been advised of the possibility of such damages.

   9. Accepting Warranty or Additional Liability. While redistributing
      the Work or Derivative Works thereof, You may choose to offer,
      and charge a fee for, acceptance of support, warranty, indemnity,
      or other liability obligations and/or rights consistent with this
      License. However, in accepting such obligations, You may act only
      on Your own behalf and on Your sole responsibility, not on behalf
      of any other Contributor, and only if You agree to indemnify,
      defend, and hold each Contributor harmless for any liability
      incurred by, or claims asserted against, such Contributor by reason
      of your accepting any such warranty or additional liability.

   END OF TERMS AND CONDITIONS

   APPENDIX: How to apply the Apache License to your work.

      To apply the Apache License to your work, attach the following
      boilerplate notice, with the fields enclosed by brackets "[]"
      replaced with your own identifying information. (Don't include
      the brackets!)  The text should be enclosed in the appropriate
      comment syntax for the file format. We also recommend that a
      file or class name and description of purpose be included on the
      same "printed page" as the copyright notice for easier
      identification within third-party archives.

   Copyright [yyyy] [name of copyright owner]

   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
   You may obtain a copy of the License at

       http://www.apache.org/licenses/LICENSE-2.0

   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS,
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License.


================================================
FILE: README.md
================================================


<div align="center">
<picture>
  <source media="(prefers-color-scheme: dark)" srcset="assets/RedinfraCraft_White.png">
  <source media="(prefers-color-scheme: light)" srcset="assets/RedInfraCraft_Black.png">
  <img align="center" alt="Mythic_C2" src="assets/RedinfraCraft_White.png">
</picture>
</div>

# Red-Infra-Craft (V2)

Welcome to the **RedInfraCraft (V2)** Tool - your gateway to automating the deployment of robust red team infrastructures! RedInfraCraft is your trusted companion in effortlessly setting up and managing red team infrastructures, streamlining the process so you can focus on your mission. 

- Simplifies the deployment 🚀 of Mythic Command and Control (C2) frameworks. 
- Facilitates the creation 🎯 and management of sophisticated phishing and payload setups. 
- Designed 💡 to be intuitive and easy to use, reducing the learning curve for red teamers.  
- Provides thorough documentation 📚 and guides to assist users at every step.  
- Supports multi-cloud ☁️ environments, allowing deployments across different cloud providers with flexibility and ease.  

Let's craft infrastructures together with **RedInfraCraft (V2)**!!

<br>

## 1. Prerequisite

To follow this guide, you'll need to have the following software installed on your machine:

- **Terraform**

  To Download Terraform, you can visit their official website [HashiCorp](https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli). They     provide instructions on how to install Terraform on Windows, Linux, and macOS.

- **Python**

  Make sure you have [Python](https://www.python.org/) installed in your system.

- **Cloud Provider Access**

  You should have an active account and proper credentials/license for at least one of the following cloud providers:

  - Amazon Web Services (AWS)
  - Microsoft Azure
  - Google Cloud Platform (GCP)

  This guide assumes you have sufficient permissions to create and manage resources within your chosen cloud environment.
<br>

## 2. RedInfraCraft Tool Installation
To acquire the tool, you need to clone this GitHub repository. Paste the below command in your terminal.

> [!IMPORTANT]
> Make sure you have installed [git](https://git-scm.com/downloads) in your machine

```bash
git clone https://github.com/RedTeamOperations/Red-Infra-Craft.git
```
<br>

## 3. How to spawn an Infrastructure?

RedInfraCraft enables you to deploy any infrastructure in a single step, automating your tasks efficiently.

<br>

<div align="center">
  <picture>
    <source media="(prefers-color-scheme: dark)" srcset="assets/Common_user1.png">
    <source media="(prefers-color-scheme: light)" srcset="assets/Common_user.png">
    <img align="center" alt="spawn an Infrastructure" src="assets/Common_user.png">
  </picture>
</div>

### Available Infrastructures:

- **C2:**
  - Mythic C2 
  - Mythic C2 with CloudFront and Load Balancer (AWS)
  - Mythic C2 with Frontdoor and Load Balancer (Azure)
  - Mythic C2 with Application Load Balancer (GCP)
- **Payload:**
  - Pwndrop
- **Phishing:** 
  - EvilGinx
  - GoPhish
- **All in One Infra:** 
  - Mythic C2 with CloudFront and Load Balancer, Pwndrop, EvilGinx, GoPhish.
  - Mythic C2 with Frontdoor and Load Balancer, Pwndrop, EvilGinx, GoPhish.

### Cloud Providers
1) AWS
2) Azure
3) GCP

### Help Commands:

- To know more about this tool 💡
  ```bash
  redinfracraft.py info
  ```
  
- To know about arguments 💡
  ```bash
  redinfracraft.py --help
  ```
  
- To view available options 💡
  ```bash 
  redinfracraft.py help
  ```
  
### Commands to Spawn 🔧 and Destroy 🗑️ Infras:

Command Explanation:
  
  --> redinfracraft.py  action  cloud_provider  infra_type  infra
    
- redinfracraft.py  create       aws            c2      mythic
    
- redinfracraft.py  destroy      azure          c2      mythic
    
- redinfracraft.py  create       gcp            c2      mythic


For the step-by-step guide to spawn/destroy Infra go to [infra_deployment_guide](https://github.com/RedTeamOperations/Red-Infra-Craft/tree/main/infra_deployment_guide)

  | Infrastructure | Cloud Provider | Command | Description |
  | ----- | - | -------------- | ------ |
  | Mythic C2 | AWS | redinfracraft.py create/destroy aws c2 mythic | To Create/destroy Mythic C2 infrastructure. | 
  | Mythic C2 | Azure | redinfracraft.py create/destroy azure c2 mythic | To Create/destroy Mythic C2 infrastructure. | 
  | Mythic C2 | AWS | redinfracraft.py create/destroy aws c2 mythic_lb | To Create/destroy Mythic C2 with ELB & CloudFront infrastructure. | 
  | Mythic C2 | Azure | redinfracraft.py create/destroy azure c2 mythic_lb | To Create/destroy Mythic C2 with ELB & Frontdoor infrastructure. | 
  | Mythic C2 | GCP | redinfracraft.py create/destroy gcp c2 mythic_lb | To Create/destroy Mythic C2 with ALB infrastructure. | 
  | Payload | AWS | redinfracraft.py create/destroy aws payload pwndrop | To Create/destroy pwndrop payload infrastructure. | 
  | Payload | Azure | redinfracraft.py create/destroy azure payload pwndrop | To Create/destroy pwndrop payload infrastructure. | 
  | Phishing | AWS | redinfracraft.py create/destroy aws phishing gophish | To Create/destroy Gophish phishing infrastructure. |
  | Phishing | Azure | redinfracraft.py create/destroy azure phishing gophish | To Create/destroy Gophish phishing infrastructure. |
  | Phishing | AWS | redinfracraft.py create/destroy aws phishing evilginx | To Create/destroy Evilginx phishing infrastructure. |
  | Phishing | Azure | redinfracraft.py create/destroy azure phishing evilginx | To Create/destroy Evilginx phishing infrastructure. |
  | All-in-one | AWS | redinfracraft.py create/destroy aws full_infra | To Create/destroy all infrastructures in one go (Mythic C2 with CloudFront and Load Balancer, Payload, Phishing). |
  | All-in-one | Azure | redinfracraft.py create/destroy azure full_infra | To Create/destroy all infrastructures in one go (Mythic C2 with Frontdoor and Load Balancer, Payload, Phishing). |

<br>

## 4. Cost & Specification Overview (Cloud Resources)

### 1. AWS 


  | Resources | Details |
  | ------ | ------------ |
  | EC2 Instance	 | t2.medium (2 vCPU, 4 GB RAM) - Ubuntu AMI: ami-080e1f13689e07408 |
  | Volume (Root Block Device)	 | 20 GB (gp2 EBS)|
  | Security Groups	 | 	1) "Terra_Ec2_sg: Allows SSH (22), HTTP (80) from ELB" 2) "terraElbSg: Allows HTTP (80)" |
  | Key Pair | RSA 4096-bit key pair generated via Terraform |
  | Application Load Balancer (ALB) | Internet-facing, HTTP only, with target group |
  | Target Group | HTTP on port 80, attached to EC2 instance |
  | CloudFront | CDN distribution pointing to the ALB |
  | VPC & Subnets | Using default VPC and multiple subnets |
  | Data sources used	 | 1) Public IP fetch (ipify), 2) AWS VPC, 3) Subnets in selected AZs |
  
Total Estimated Cost: $4.20/day  
* Actual CloudFront + data transfer may vary with usage and traffic  

### 2. Azure 

  | Resources | Details |
  | ------ | ------------ |
  | VM	 | Ubuntu 18.04, size: Standard_B1ms, SSH only, User: azureuser |
  | NIC | Connected to subnet & public IP: Dynamic IP, DNS label hardcoded |
  | NSG | Rules for HTTP, HTTPS (from AzureFrontDoor), SSH (from any) |
  | SSH Key	 | RSA 4096-bit key pair generated locally |
  | Frontdoor | Origin, Origin Group, Front Door Endpoint, Front Door Route |

Total Estimated Cost: $3.74/day  
* This assumes light/moderate usage, 1 VM, and no additional premium services (like WAF, Private Link, or DDoS Protectio, actual cost may vary

### 3. GCP

  | Resources | Details |
  | ------ | ------------ |
  | Compute Instance	 | Machine: n2-standard-2, OS: Debian 11, Public IP: Ephemeral, Scratch Disk: NVMe, Instance Group |
  | Firewall Rule | Allow: TCP 80 , Allow: TCP 443, Allow: TCP 80/443 Sources: GCP Health Check IP ranges |
  | Load Balancer | Global IP Address, Health Check, Frontend Service, Backend Service, URL Map, HTTP Proxy |

Total Estimated Cost: $5.6/day   
* actual cost may vary

<br>

## Learning Content

If you want to learn more, please refer to this content:



<div align="center">
<picture>
  <source media="(prefers-color-scheme: dark)" srcset="assets/Certification1.png">
  <source media="(prefers-color-scheme: light)" srcset="assets/Certifications.png">
  <img align="center" alt="Certifications" src="assets/Certifications.png">
</picture>
</div>

- Red Team Infra Dev [[CRT-ID](https://cyberwarfare.live/product/red-team-infra-developer/)]
- Multi-Cloud Red Team Analyst [[MCRTA](https://cyberwarfare.live/product/multi-cloud-red-team-analyst-mcrta/)]
- Hybrid Multi-Cloud Red Team Specialist [[CHMRTS](https://cyberwarfare.live/product/hybrid-multi-cloud-red-team-specialist-chmrts/)]

<br>

## Future Releases
Our tool now supports a multi-cloud environment, seamlessly operating across AWS, Microsoft Azure, and Google Cloud Platform (GCP). This broad support ensures maximum flexibility, allowing users to integrate the tool into their preferred cloud infrastructure with ease.

But we’re just getting started.

In upcoming releases, we plan to introduce new cloud-native architectures and additional Command and Control (C2) mechanisms across all supported platforms. These enhancements will further strengthen the tool's capabilities for cloud security operations, offering deeper insights and more powerful features for both offensive and defensive use cases.

Stay tuned as we continue to innovate and expand our tool to meet the evolving needs of the cloud security community.

<br>

## Your Feedback

We highly value your feedback, as it plays a crucial role in the continuous development of RedInfraCraft. Your suggestions and comments are invaluable in further enhancing the tool. Please don't hesitate to share your thoughts either by creating an Issue or reaching out to us via email at [info@cyberwarfare.live](mailto:info@cyberwarfare.live) with the subject **RedInfraCraft**.


================================================
FILE: html/EvilGinx.html
================================================
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Asciinema Demo</title>
    <link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/asciinema-player@2.6.1/resources/public/css/asciinema-player.css">
</head>
<body>
    <h1>Infra Deployment Demo</h1>
    <asciinema-player src="https://asciinema.org/a/ghmEEERKAfjkleV46XqYWmpoQ.cast" autoplay="true" loop="true"></asciinema-player>
    <script src="https://cdn.jsdelivr.net/npm/asciinema-player@2.6.1/resources/public/js/asciinema-player.js"></script>
</body>
</html>

================================================
FILE: html/Full_Infra.html
================================================
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Asciinema Demo</title>
    <link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/asciinema-player@2.6.1/resources/public/css/asciinema-player.css">
</head>
<body>
    <h1>Infra Deployment Demo</h1>
    <asciinema-player src="https://asciinema.org/a/8R3ryvdt3zuJfS3FBX0TdFuXt.cast" autoplay="true" loop="true"></asciinema-player>
    <script src="https://cdn.jsdelivr.net/npm/asciinema-player@2.6.1/resources/public/js/asciinema-player.js"></script>
</body>
</html>


================================================
FILE: html/GoPhish.html
================================================
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Asciinema Demo</title>
    <link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/asciinema-player@2.6.1/resources/public/css/asciinema-player.css">
</head>
<body>
    <h1>Infra Deployment Demo</h1>
    <asciinema-player src="https://asciinema.org/a/n7w974BlUBNeTMTLxGMb21NYd.cast" autoplay="true" loop="true"></asciinema-player>
    <script src="https://cdn.jsdelivr.net/npm/asciinema-player@2.6.1/resources/public/js/asciinema-player.js"></script>
</body>
</html>

================================================
FILE: html/Mythic_C2.html
================================================
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Asciinema Demo</title>
    <link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/asciinema-player@2.6.1/resources/public/css/asciinema-player.css">
</head>
<body>
    <h1>Infra Deployment Demo</h1>
    <asciinema-player src="https://asciinema.org/a/688653.cast" autoplay="true" loop="true"></asciinema-player>
    <script src="https://cdn.jsdelivr.net/npm/asciinema-player@2.6.1/resources/public/js/asciinema-player.js"></script>
</body>
</html>

================================================
FILE: html/Mythic_C2_with_ELB.html
================================================
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Asciinema Demo</title>
    <link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/asciinema-player@2.6.1/resources/public/css/asciinema-player.css">
</head>
<body>
    <h1>Infra Deployment Demo</h1>
    <asciinema-player src="https://asciinema.org/a/nsKnuaHiweu7euvhBPwcfpJL8.cast" autoplay="true" loop="true"></asciinema-player>
    <script src="https://cdn.jsdelivr.net/npm/asciinema-player@2.6.1/resources/public/js/asciinema-player.js"></script>
</body>
</html>


================================================
FILE: html/pwndrop.html
================================================
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Asciinema Demo</title>
    <link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/asciinema-player@2.6.1/resources/public/css/asciinema-player.css">
</head>
<body>
    <h1>Infra Deployment Demo</h1>
    <asciinema-player src="https://asciinema.org/a/oKih2dKeQ3GwCfyipkiCwHWdZ.cast" autoplay="true" loop="true"></asciinema-player>
    <script src="https://cdn.jsdelivr.net/npm/asciinema-player@2.6.1/resources/public/js/asciinema-player.js"></script>
</body>
</html>

================================================
FILE: infra_deployment_guide/AWS/assets/test
================================================



================================================
FILE: infra_deployment_guide/AWS/readme.md
================================================
#  Infrastructure Walkthroughs:

**Common steps required to perform for each infrastructure deployment.**

Upon executing command to spawn infra, you need to authenticate yourself and provide the following details:

- **var.access_key: AWS Access Key ID**
  
  You need to enter your AWS Management console Access Key ID here.
  
- **var.key_name**
  
  RedInfraCraft automates the retrieval of the secret PEM key file for your EC2 instances, ensuring a hassle-free experience. *To ensure uniqueness, you need to 
  provide different name each time*. Remembering the PEM file name is essential as you'll need it frequently throughout your operations.
  
- **var.secret_key: AWS Secret Access Key**
  
  You need to enter your AWS Management console Secret Access Key here.

You will see that your infra is deployed successfully. 

> [!NOTE]
> Once the command is successfuly executed, you'll find the secret file (with the given name) in the same folder were you have deployed the tool inside the 
  respective infra's directory. Now, you need to connect the EC2 instance.

1. **First limit the permissions of the secret file:**

```bash
chmod 400 YourSecretFileName
```

You can also do it manually as well by visiting properties of the secret file.

2. **Make an SSH connection with the machine:**

```bash
ssh -i "YourSecretFileName" machine_name
```

You can get this command from your AWS Management Console as well, remember you dont need to add `.pem` while entering *YourSecretFileName*

<br>

## 1 Mythic C2

<br>


<div align="center">
<picture>
  <source media="(prefers-color-scheme: dark)" srcset="assets/Mythic1.png">
  <source media="(prefers-color-scheme: light)" srcset="assets/Mythic.png">
  <img align="center" alt="Mythic_C2" src="assets/Mythic.png">
</picture>
</div>
<br>
<br>

### Demo: Infra Deployment 🎬

Check out the demo for Infra deployment (plays directly in browser):

[![asciicast](https://asciinema.org/a/688653.png)](https://RedTeamOperations.github.io/Red-Infra-Craft/html/Mythic_C2.html)




- To Deploy this infra you need to execute following command:

  ```bash
  redinfracraft.py create c2 mythic
  ```

> [!NOTE]
> Perform Common necessary steps mentioned above

- After making the ssh connection with EC2 instance, Check for the “access” directory inside it, you will find Mythic, navigate into it:

  ```bash
  cd access/Mythic
  ```

- To get the credentials of Mythic, run the following command:

  ```bash
  cat .env
  ```

- If you encounter a *directory not found* error, you need to restart Mythic by running the following command:

  ```bash
  sudo ./mythic-cli start
  ```

- Open a different PowerShell window to make a localhost connection for Mythic:

  ```bash
  ssh -L 7443:127.0.0.1:7443 -i "YourSecretFileName" machine_name
  ```

- Now, you can open the .env file in the first powershell window to retrieve the credentials:

  ```bash
  cat .env
  ```

These steps will help you properly set up and connect to Mythic after provisioning the infrastructure.

Visit https://localhost:7443/new/login to access Mythic.

<br>

## 2 Mythic C2 with ELB & CloudFront

<br>
<br>

<div align="center">
<picture>
  <source media="(prefers-color-scheme: dark)" srcset="assets/Mythic_ELB1.png">
  <source media="(prefers-color-scheme: light)" srcset="assets/Mythic_ELB.png">
  <img align="center" alt="Mythic_c2_elb" src="assets/Mythic_ELB.png">
</picture>
</div>

<br>

### Demo: Infra Deployment 🎬

Check out the demo for Infra deployment (plays directly in browser):

[![asciicast](https://asciinema.org/a/688653.png)](https://RedTeamOperations.github.io/Red-Infra-Craft/html/Mythic_C2_with_ELB.html)

- To Deploy this infra you need to execute following command:

  ```bash
  redinfracraft.py create c2 elb_c2
  ```

> [!NOTE]
> Perform Common necessary steps mentioned above

- After making the ssh connection with EC2 instance, Check for the “access” directory inside it, You will find Mythic, navigate into it:

  ```bash
  cd access/Mythic
  ```

- To get the credentials of Mythic, run the following command:

  ```bash
  cat .env
  ```

- If you encounter a "directory not found" error, you need to restart Mythic by running the following command:

  ```bash
  sudo ./mythic-cli start
  ```

- Open a different PowerShell window to make a localhost connection for Mythic:

  ```bash
  ssh -L 7443:127.0.0.1:7443 -i "YourSecretFileName" machine_name
  ```

- Now, you can open the .env file to retrieve the credentials:

  ```bash
  cat .env
  ```

These steps will help you properly set up and connect to Mythic after provisioning the infrastructure.


**To Create Payload:**

After accessing Mythic, follow these steps to create a payload:

1. Visit "https://localhost:7443/new/login" to access Mythic.
2. Once logged in, navigate to the payload creation section.
3. In the "Domain" field, add the domain of the CloudFront distribution. You can obtain this domain from the management console of AWS.
4. Set the "Callback port" to 443.
5. Review your payload configuration.
6. You can view your payload details and download it for use. 

These steps will help you create a payload in Mythic with the appropriate domain and callback port settings for your CloudFront distribution.

<br>

## 3 Payload - Pwndrop

<br>


<div align="center">
<picture>
  <source media="(prefers-color-scheme: dark)" srcset="assets/pwndrop1.png">
  <source media="(prefers-color-scheme: light)" srcset="assets/pwndrop.png">
  <img align="center" alt="pwndrop" src="assets/pwndrop.png">
</picture>
</div>

<br>
<br>

### Demo: Infra Deployment 🎬

Check out the demo for Infra deployment (plays directly in browser):

[![asciicast](https://asciinema.org/a/688653.png)](https://RedTeamOperations.github.io/Red-Infra-Craft/html/pwndrop.html)

- To Deploy this infra you need to execute following command:

- ```bash
  redinfracraft.py create payload pwndrop
  ```
> [!NOTE] 
> Perform Common necessary steps mentioned above

- After making the ssh connection with EC2 instance, Check for the “pwndrop” directory, navigate into it:

  ```bash
  cd pwndrop
  ```

- To start the Pwndrop on your machine:

  ```bash
  sudo ./pwndrop
  ```

Visit https://<your_machine_ip>/pwndrop to access Pwndrop dashboard

These steps will help you properly set up and connect to pwndrop after provisioning the infrastructure.

<br>

## 4 Phishing - GoPhish

<br>


<div align="center">
<picture>
  <source media="(prefers-color-scheme: dark)" srcset="assets/gophish1.png">
  <source media="(prefers-color-scheme: light)" srcset="assets/gophish.png">
  <img align="center" alt="gophish" src="assets/gophish.png">
</picture>
</div>

<br>
<br>

### Demo: Infra Deployment 🎬

Check out the demo for Infra deployment (plays directly in browser):

[![asciicast](https://asciinema.org/a/688653.png)](https://RedTeamOperations.github.io/Red-Infra-Craft/html/GoPhish.html)

- To Deploy this infra you need to execute following command:

  ```bash
  redinfracraft.py create phishing gophish
  ```

> [!NOTE]
> Perform Common necessary steps mentioned above

- After making the ssh connection with EC2 instance, to start the GoPhish on your machine, you need to execute following command:

  ```bash
  sudo ./gophish
  ```
Visit https://<your_machine_ip>:3333 to access Gophish dashboard

  - Username (default): admin
  - Password (default): gophish

Now you can access all options of GoPhish.

These steps will help you properly set up and connect to GoPhish after provisioning the infrastructure.

<br>

## 5 Phishing - EvilGinx

<br>

<div align="center">
<picture>
  <source media="(prefers-color-scheme: dark)" srcset="assets/evilginx1.png">
  <source media="(prefers-color-scheme: light)" srcset="assets/evilginx.png">
  <img align="center" alt="evilginx" src="assets/evilginx.png">
</picture>
</div>

<br>
<br>

### Demo: Infra Deployment 🎬

Check out the demo for Infra deployment (plays directly in browser):

[![asciicast](https://asciinema.org/a/688653.png)](https://RedTeamOperations.github.io/Red-Infra-Craft/html/EvilGinx.html)

- To Deploy this infra you need to execute following command:

  ```bash
  redinfracraft.py create phishing evilginx
  ```

> [!NOTE]
> Perform Common necessary steps mentioned above

- After making the ssh connection with EC2 instance, Check for the “evilginx2” directory, navigate into it:

  ```bash
  cd evilginx2
  ```

- To start the EvilGinx on your machine :

  ```bash
  sudo ~/evilginx2/evilginx2 -p ./phishlets/
  ```

These steps should help you properly set up and connect to EvilGinx after provisioning the infrastructure

<br>

## 6 All-in-one

<br>

<div align="center">
<picture>
  <source media="(prefers-color-scheme: dark)" srcset="assets/Aws_Full_infra_White.png">
  <source media="(prefers-color-scheme: light)" srcset="assets/AWS_Full_infra_Black.png">
  <img align="center" alt="overall" src="assets/Aws_Full_infra_White.png">
</picture>
</div>


### Demo: Infra Deployment 🎬

Check out the demo for Infra deployment (plays directly in browser):

[![asciicast](https://asciinema.org/a/688653.png)](https://RedTeamOperations.github.io/Red-Infra-Craft/html/Full_Infra.html)

- To Deploy this infra you need to execute following command:

  ```bash
  redinfracraft.py create full_infra
  ```

> [!NOTE]
> Perform Common necessary steps mentioned above**

This infrastructure offers you the flexibility to utilize every component. You must adhere to the specified steps for each respective component.
<br>


================================================
FILE: infra_deployment_guide/Azure/readme.md
================================================
#  Infrastructure Walkthroughs:

**Common steps required to perform for each infrastructure deployment.**

Before spinning any of the infra make sure you modify **terraform.auto.tfvars** and provide the following required details:

Location of **terraform.auto.tfvars** file: RedInfraCraft (V2) << Terraform << terraform.auto.tfvars

- **subscription_id = <YOUR_SUBSCRIPTIO_ID>**
  
  You need to enter your Azure Subscription ID here.

- **tenant_id = <YOUR_TENANT_ID>**
  
  You need to enter your Aure Tenant ID here.
  
- **client_id = <YOUR_CLIENT_ID>**
  
  You need to enter Service Account's Client ID here.
  
- **client_secret = <YOUR_CLIENT_SECRET>**
  
  You need to enter Service Account's Client ID here.

- **vm_key_name = <VM_Secret_File_Name>**
  
  RedInfraCraft automates the retrieval of the secret PEM key file for your VM instances, ensuring a hassle-free experience. *To ensure uniqueness, you need to 
  provide different name each time*. Remembering the PEM file name is essential as you'll need it frequently throughout your operations.

**Once you make the required changes, you can spawn your infra, every architectures command you will find further in this document!! **

After that you will see that your infra is deployed successfully. 

> [!NOTE]
> Once the command is successfuly executed, you'll find the secret file (with the given name) in the same folder were you have deployed the tool inside the 
  respective infra's directory. Now, you need to connect the VM instance.

1. **First limit the permissions of the secret file:**

```bash
chmod 400 YourSecretFileName
```

You can also do it manually as well by visiting properties of the secret file.

2. **Make an SSH connection with the machine:**

```bash
ssh -i "YourSecretFileName" username@ip_address
```


<br>

## 1 Mythic C2

<br>


<div align="center">
<picture>
  <source media="(prefers-color-scheme: dark)" srcset="assets/Mythic_C2_Azure_White.png">
  <source media="(prefers-color-scheme: light)" srcset="assets/Mythic_C2_Azure_Black.png">
  <img align="center" alt="Mythic_C2" src="assets/Mythic_C2_Azure_White.png">
</picture>
</div>
<br>
<br>

- To Deploy this infra you need to execute following command:

  ```bash
  redinfracraft.py create azure c2 mythic
  ```

> [!NOTE]
> Perform Common necessary steps mentioned above

- After making the ssh connection with VM instance, Check for the “access” directory inside it, you will find Mythic, navigate into it:

  ```bash
  cd access/Mythic
  ```

- To get the credentials of Mythic, run the following command:

  ```bash
  cat .env
  ```

- If you encounter a *directory not found* error, you need to restart Mythic by running the following command:

  ```bash
  sudo ./mythic-cli start
  ```

- Open a different PowerShell window to make a localhost connection for Mythic:

  ```bash
  ssh -L 7443:127.0.0.1:7443 -i "YourSecretFileName" machine_name
  ```

- Now, you can open the .env file in the first powershell window to retrieve the credentials:

  ```bash
  cat .env
  ```

These steps will help you properly set up and connect to Mythic after provisioning the infrastructure.

Visit https://localhost:7443/new/login to access Mythic.

<br>

## 2 Mythic C2 with Frontdoor

<br>
<br>

<div align="center">
<picture>
  <source media="(prefers-color-scheme: dark)" srcset="assets/Mythic_C2with_ELB_Azure_White.png">
  <source media="(prefers-color-scheme: light)" srcset="assets/Mythic_C2with_ELB_Azure_Black.png">
  <img align="center" alt="Mythic_c2_elb" src="assets/Mythic_C2with_ELB_Azure_White.png">
</picture>
</div>

<br>

- To Deploy this infra you need to execute following command:

  ```bash
  redinfracraft.py create aure c2 elb_c2
  ```

> [!NOTE]
> Perform Common necessary steps mentioned above

- After making the ssh connection with VM instance, Check for the “access” directory inside it, You will find Mythic, navigate into it:

  ```bash
  cd access/Mythic
  ```

- To get the credentials of Mythic, run the following command:

  ```bash
  cat .env
  ```

- If you encounter a "directory not found" error, you need to restart Mythic by running the following command:

  ```bash
  sudo ./mythic-cli start
  ```

- Open a different PowerShell window to make a localhost connection for Mythic:

  ```bash
  ssh -L 7443:127.0.0.1:7443 -i "YourSecretFileName" machine_name
  ```

- Now, you can open the .env file to retrieve the credentials:

  ```bash
  cat .env
  ```

These steps will help you properly set up and connect to Mythic after provisioning the infrastructure.


**To Create Payload:**

After accessing Mythic, follow these steps to create a payload:

1. Visit "https://localhost:7443/new/login" to access Mythic.
2. Once logged in, navigate to the payload creation section.
3. In the "Domain" field, add the domain of the CloudFront distribution. You can obtain this domain from the management console of AWS.
4. Set the "Callback port" to 443.
5. Review your payload configuration.
6. You can view your payload details and download it for use. 

These steps will help you create a payload in Mythic with the appropriate domain and callback port settings for your CloudFront distribution.

<br>

## 3 Payload - Pwndrop

<br>


<div align="center">
<picture>
  <source media="(prefers-color-scheme: dark)" srcset="assets/pwndrop_Azure_White.png">
  <source media="(prefers-color-scheme: light)" srcset="assets/pwndrop_Azure_Black.png">
  <img align="center" alt="pwndrop" src="assets/pwndrop_Azure_White.png">
</picture>
</div>

<br>
<br>

- To Deploy this infra you need to execute following command:

- ```bash
  redinfracraft.py create azure payload pwndrop
  ```
> [!NOTE] 
> Perform Common necessary steps mentioned above

- After making the ssh connection with VM instance, Check for the “pwndrop” directory, navigate into it:

  ```bash
  cd pwndrop
  ```

- To start the Pwndrop on your machine:

  ```bash
  sudo ./pwndrop
  ```

Visit https://<your_machine_ip>/pwndrop to access Pwndrop dashboard

These steps will help you properly set up and connect to pwndrop after provisioning the infrastructure.

<br>

## 4 Phishing - GoPhish

<br>


<div align="center">
<picture>
  <source media="(prefers-color-scheme: dark)" srcset="assets/GoPhish_Azure_White.png">
  <source media="(prefers-color-scheme: light)" srcset="assets/GoPhish_Azure_Black.png">
  <img align="center" alt="gophish" src="assets/GoPhish_Azure_White.png">
</picture>
</div>

<br>
<br>

- To Deploy this infra you need to execute following command:

  ```bash
  redinfracraft.py create azure phishing gophish
  ```

> [!NOTE]
> Perform Common necessary steps mentioned above

- After making the ssh connection with VM instance, to start the GoPhish on your machine, you need to execute following command:

  ```bash
  sudo ./gophish
  ```
Visit https://<your_machine_ip>:3333 to access Gophish dashboard

  - Username (default): admin
  - Password (default): gophish

Now you can access all options of GoPhish.

These steps will help you properly set up and connect to GoPhish after provisioning the infrastructure.

<br>

## 5 Phishing - EvilGinx

<br>

<div align="center">
<picture>
  <source media="(prefers-color-scheme: dark)" srcset="assets/Evilginx_Azure_White.png">
  <source media="(prefers-color-scheme: light)" srcset="assets/Evilginx_Azure_Black.png">
  <img align="center" alt="evilginx" src="assets/Evilginx_Azure_White.png">
</picture>
</div>

<br>
<br>

- To Deploy this infra you need to execute following command:

  ```bash
  redinfracraft.py create azure phishing evilginx
  ```

> [!NOTE]
> Perform Common necessary steps mentioned above

- After making the ssh connection with VM instance, Check for the “evilginx2” directory, navigate into it:

  ```bash
  cd evilginx2
  ```

- To start the EvilGinx on your machine :

  ```bash
  sudo ~/evilginx2/evilginx2 -p ./phishlets/
  ```

These steps should help you properly set up and connect to EvilGinx after provisioning the infrastructure

<br>

## 6 All-in-one

<br>

<div align="center">
<picture>
  <source media="(prefers-color-scheme: dark)" srcset="assets/azure_Full_infra_White.png">
  <source media="(prefers-color-scheme: light)" srcset="assets/Azure_Full_infra_Black.png">
  <img align="center" alt="overall" src="assets/azure_Full_infra_White.png">
</picture>
</div>

- To Deploy this infra you need to execute following command:

  ```bash
  redinfracraft.py create azure full_infra
  ```

> [!NOTE]
> Perform Common necessary steps mentioned above**

This infrastructure offers you the flexibility to utilize every component. You must adhere to the specified steps for each respective component.
<br>



================================================
FILE: infra_deployment_guide/GCP/readme.md
================================================
#  Infrastructure Walkthroughs:

**Common steps required to perform for each infrastructure deployment.**

Step-1: Before spinning any of the infra make sure you modify **terraform.auto.tfvars** and provide the following required details:

Location of **terraform.auto.tfvars** file: RedInfraCraft (V2) << Terraform << terraform.auto.tfvars

- **project_id = "<YOUR_PROJECT_ID>"** 
  
  You need to enter your Azure Project ID here.

- **location = "<YOUR_GCP_LOCATION>"**

  You need to enter your GCP Location here.

Step-2: You need to authenticate to your Google Cloud Platform
```bash
gcloud auth activate-service-account --key-file <Path_of_Service_account_key_file>
```

**Once you make the required changes and authenticate to Google Cloud Platform, you can spawn your infra, every architectures command you will find further in this document!! **

After that you will see that your infra is deployed successfully. 

> [!NOTE]
> Once the command is successfuly executed, you'll find the secret file (with the given name) in the same folder were you have deployed the tool inside the 
  respective infra's directory. Now, you need to connect the VM instance.

1. **First limit the permissions of the secret file:**

```bash
chmod 400 YourSecretFileName
```

You can also do it manually as well by visiting properties of the secret file.

2. **Make an SSH connection with the machine:**

```bash
ssh -i "YourSecretFileName" username@ip_address
```
<br>

## 2 Mythic C2 with ALB

<br>
<br>

<div align="center">
<picture>
  <source media="(prefers-color-scheme: dark)" srcset="assets/Mythic_C2_ALB_GCP_White.png">
  <source media="(prefers-color-scheme: light)" srcset="assets/Mythic_C2_ALB_GCP_Black.png">
  <img align="center" alt="Mythic_c2_elb" src="assets/Mythic_C2with_ELB_Azure_White.png">
</picture>
</div>

<br>

- To Deploy this infra you need to execute following command:

  ```bash
  redinfracraft.py create aure c2 elb_c2
  ```

> [!NOTE]
> Perform Common necessary steps mentioned above

- After making the ssh connection with instance, Check for the “access” directory inside it, You will find Mythic, navigate into it:

  ```bash
  cd access/Mythic
  ```

- To get the credentials of Mythic, run the following command:

  ```bash
  cat .env
  ```

- If you encounter a "directory not found" error, you need to restart Mythic by running the following command:

  ```bash
  sudo ./mythic-cli start
  ```

- Open a different PowerShell window to make a localhost connection for Mythic:

  ```bash
  ssh -L 7443:127.0.0.1:7443 -i "YourSecretFileName" machine_name
  ```

- Now, you can open the .env file to retrieve the credentials:

  ```bash
  cat .env
  ```

These steps will help you properly set up and connect to Mythic after provisioning the infrastructure.


**To Create Payload:**

After accessing Mythic, follow these steps to create a payload:

1. Visit "https://localhost:7443/new/login" to access Mythic.
2. Once logged in, navigate to the payload creation section.
3. In the "Domain" field, add the domain of the CloudFront distribution. You can obtain this domain from the management console of AWS.
4. Set the "Callback port" to 443.
5. Review your payload configuration.
6. You can view your payload details and download it for use. 

These steps will help you create a payload in Mythic with the appropriate domain and callback port settings for your CloudFront distribution.

<br>


================================================
FILE: redinfracraft/Terraform/AWS/AWS_Evilginx_Phishing_Server/main.tf
================================================
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "5.46.0"
    }
  }
}


# AWS Provider
provider "aws" {
  region     = var.region
  access_key = var.access_key
  secret_key = var.secret_key
}

variable "access_key" {
  description = "AWS Access Key ID"
}

variable "secret_key" {
  description = "AWS Secret Access Key"
}

variable "region" {
  description = "AWS Region"
}

variable "key_name" {
  description = "EC2 secret file name"
}

variable "security_group" {
  description = "Security group for EC2 Instance creatted through Terraform."
  default = "Terra_Phish_Ec2_sg"
}
data "http" "my_ip" {
  url = "https://api.ipify.org?format=text"
}

locals {
  my_ip = "${chomp(data.http.my_ip.response_body)}/32"
}


# Key Pair
resource "tls_private_key" "rsa-4096" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

resource "aws_key_pair" "key_pair" {
  key_name   = var.key_name
  public_key = tls_private_key.rsa-4096.public_key_openssh
}

resource "local_file" "private_key" {
  content  = tls_private_key.rsa-4096.private_key_pem
  filename = var.key_name
}


# EC2 Instance
resource "aws_instance" "Terra_Phish_Ec2" {
  ami           = "ami-080e1f13689e07408"
  instance_type = "t2.micro"
  key_name      = aws_key_pair.key_pair.key_name
  security_groups = [var.security_group]
  availability_zone = "us-east-1a"

  root_block_device {
    volume_size = 16  
    delete_on_termination = true
  }

    
  user_data = <<EOF
#!/bin/bash

sudo apt update

cd /home/ubuntu

sudo apt install -y wget
wget https://golang.org/dl/go1.19.5.linux-amd64.tar.gz
sudo tar -C /usr/local -xvf go1.19.5.linux-amd64.tar.gz

echo -e "export GOROOT=/usr/local/go" | sudo tee -a .profile
echo -e 'export GOPATH=$HOME/go' | sudo tee -a /home/ubuntu/.profile
echo -e 'export PATH=$GOPATH/bin:$GOROOT/bin:$PATH' | sudo tee -a /home/ubuntu/.profile
source .profile

sudo apt-get -y install git make
sudo git clone https://github.com/kgretzky/evilginx2.git


cd /home/ubuntu/evilginx2/
sudo /usr/local/go/bin/go build -o /home/ubuntu/evilginx2/evilginx2 -ldflags="-s -w -buildid=" -buildvcs=false

sudo hostnamectl set-hostname cwltraining.live

sudo reboot

EOF
# sudo ~/evilginx2/evilginx2 -p ./phishlets/


  tags = {
    Name = "Terra_Phish_Ec2"
  }
}


# Security Group for EC2 Instance
resource "aws_security_group" "Terra_Phish_Ec2_sg" {
  name = var.security_group

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}


# VPC
data "aws_vpc" "default" {
  default = true
}



# Output the public IP of the instance
output "instance_ip" {
  value = <<EOF
************************************************************
| 🖥️ Machine Ip: ${aws_instance.Terra_Phish_Ec2.public_ip} |
************************************************************
EOF
}

# Output the Username of the instance
output "username" {
  value = <<EOF
********************************** 
| 👤 Username of Machine: ubuntu |
**********************************
EOF
}

output "destroy_infra" {
  value = <<EOF
***************************************************************
| 🗑️	Command: redinfracraft.py destroy aws phishing evilginx |
***************************************************************
EOF 
}

================================================
FILE: redinfracraft/Terraform/AWS/AWS_GoPhish_Phishing_Server/main.tf
================================================
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "5.46.0"
    }
  }
}


# AWS Provider
provider "aws" {
  region     = var.region
  access_key = var.access_key
  secret_key = var.secret_key
}

variable "access_key" {
  description = "AWS Access Key ID"
}

variable "secret_key" {
  description = "AWS Secret Access Key"
}

variable "region" {
  description = "AWS Region"
}

variable "key_name" {
  description = "EC2 secret file name"
}


variable "security_group" {
  description = "Security group for EC2 Instance creatted through Terraform."
  default = "Terra_GoPhish_Ec2_sg"
}

data "http" "my_ip" {
  url = "https://api.ipify.org?format=text"
}

locals {
  my_ip = "${chomp(data.http.my_ip.response_body)}/32"
}


# Key Pair
resource "tls_private_key" "rsa-4096" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

resource "aws_key_pair" "key_pair" {
  key_name   = var.key_name
  public_key = tls_private_key.rsa-4096.public_key_openssh
}

resource "local_file" "private_key" {
  content  = tls_private_key.rsa-4096.private_key_pem
  filename = var.key_name
}


# EC2 Instance
resource "aws_instance" "Terra_GoPhish_Ec2" {
  ami           = "ami-080e1f13689e07408"
  instance_type = "t2.micro"
  key_name      = aws_key_pair.key_pair.key_name
  security_groups = [var.security_group]
  availability_zone = "us-east-1a"

  root_block_device {
    volume_size = 16  
    delete_on_termination = true
  }
    
  user_data = <<EOF
#!/bin/bash

sudo apt update

cd /home/ubuntu

sudo apt install -y git 
sudo apt install -y wget
sudo wget https://github.com/gophish/gophish/releases/download/0.7.1/gophish-v0.7.1-linux-64bit.zip
sudo apt install -y unzip
sudo unzip gophish-v0.7.1-linux-64bit.zip  
chmod +x gophish

sudo sh -c 'echo "" > config.json'

echo '{
        "admin_server": {
                "listen_url": "0.0.0.0:3333",
                "use_tls": true,
                "cert_path": "gophish_admin.crt",
                "key_path": "gophish_admin.key"
        },
        "phish_server": {
                "listen_url": "0.0.0.0:80",
                "use_tls": false,
                "cert_path": "example.crt",
                "key_path": "example.key"
        },
        "db_name": "sqlite3",
        "db_path": "gophish.db",
        "migrations_prefix": "db/db_",
        "contact_address": ""
}' | sudo tee config.json > /dev/null

sudo apt install -y sqlite3
sudo sqlite3 gophish.db;

EOF

  tags = {
    Name = "Terra_GoPhish_Ec2"
  }
}


# Security Group for EC2 Instance
resource "aws_security_group" "Terra_GoPhish_Ec2_sg" {
  name = var.security_group

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port   = 3333
    to_port     = 3333
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}


# Default VPC
data "aws_vpc" "default" {
  default = true
}


# Output the public IP of the instance
output "instance_ip" {
  value = <<EOF
**************************************************************
| 🖥️ Machine Ip: ${aws_instance.Terra_GoPhish_Ec2.public_ip} |
**************************************************************
EOF
}

# Output the Username of the instance
output "username" {
  value = <<EOF
********************************** 
| 👤 Username of Machine: ubuntu |
**********************************
EOF
}

output "destroy_infra" {
  value = <<EOF
**************************************************************
| 🗑️	Command: redinfracraft.py destroy aws phishing gophish |
**************************************************************
EOF 
}

================================================
FILE: redinfracraft/Terraform/AWS/AWS_Mythic_C2/main.tf
================================================
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "5.46.0"
    }
  }
}


# AWS Provider
provider "aws" {
  region     = var.region
  access_key = var.access_key
  secret_key = var.secret_key
}

variable "access_key" {
  description = "AWS Access Key ID"
}

variable "secret_key" {
  description = "AWS Secret Access Key"
}

variable "region" {
  description = "AWS Region"
}

variable "key_name" {
  description = "EC2 secret file name"
}

variable "security_group" {
  description = "Security group for EC2 Instance creatted through Terraform."
  default = "Mythic_EC2_sg"
}


data "http" "my_ip" {
  url = "https://api.ipify.org?format=text"
}

locals {
  my_ip = "${chomp(data.http.my_ip.response_body)}/32"
}


# Key Pair
resource "tls_private_key" "rsa-4096" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

resource "aws_key_pair" "key_pair" {
  key_name   = var.key_name
  public_key = tls_private_key.rsa-4096.public_key_openssh
}

resource "local_file" "private_key" {
  content  = tls_private_key.rsa-4096.private_key_pem
  filename = var.key_name
}


# EC2 Instance
resource "aws_instance" "Mythic_EC2" {
  ami           = "ami-080e1f13689e07408"
  instance_type = "t2.medium"
  key_name      = aws_key_pair.key_pair.key_name
  security_groups = [var.security_group]
  availability_zone = "us-east-1e"

  root_block_device {
    volume_size = 20  
    delete_on_termination = true
  }

  user_data = <<EOF
#!/bin/bash

sudo mkdir -p /home/ubuntu/access
cd /home/ubuntu/access

sudo apt-get update -y
sudo apt-get install -y git

sudo git clone https://github.com/its-a-feature/Mythic

cd /home/ubuntu/access/Mythic

sudo apt install -y ca-certificates curl gnupg

# Create the keyrings directory (if not already created)
sudo mkdir -p /etc/apt/keyrings

# Download and add the Docker GPG key
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo tee /etc/apt/keyrings/docker.asc > /dev/null
sudo chmod a+r /etc/apt/keyrings/docker.asc

echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt update -y
sudo apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

sudo apt-get install -y make
sudo make

sudo /home/ubuntu/access/Mythic/mythic-cli install github https://github.com/MythicC2Profiles/http
sudo -E /home/ubuntu/access/Mythic/mythic-cli install github https://github.com/MythicAgents/Apollo.git

sudo /home/ubuntu/access/Mythic/mythic-cli start

EOF

  tags = {
    Name = "Mythic_EC2"
  }
}


# Security Group for EC2 Instance
resource "aws_security_group" "Mythic_EC2_sg" {
  name = var.security_group

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }


  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}


# VPC
data "aws_vpc" "default" {
  default = true
}



# Output the public IP of the instance
output "instance_ip" {
  value = <<EOF
*******************************************************
| 🖥️ Machine Ip: ${aws_instance.Mythic_EC2.public_ip} |
*******************************************************
EOF
}

# Output the Username of the instance
output "username" {
  value = <<EOF
********************************** 
| 👤 Username of Machine: ubuntu |
**********************************
EOF
}

output "destroy_infra" {
  value = <<EOF
*******************************************************
| 🗑️	Command: redinfracraft.py destroy aws c2 mythic |
*******************************************************
EOF 
}


================================================
FILE: redinfracraft/Terraform/AWS/AWS_Mythic_C2_with_CloudFront/main.tf
================================================
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "5.46.0"
    }
  }
}


# AWS Provider
provider "aws" {
  region     = var.region
  access_key = var.access_key
  secret_key = var.secret_key
}

variable "access_key" {
  description = "AWS Access Key ID"
}

variable "secret_key" {
  description = "AWS Secret Access Key"
}

variable "region" {
  description = "AWS Region"
}

variable "key_name" {
  description = "EC2 secret file name"
}


variable "security_group" {
  description = "Security group for EC2 Instance creatted through Terraform."
  default = "terra_ec2_sg"
}

data "http" "my_ip" {
  url = "https://api.ipify.org?format=text"
}

locals {
  my_ip = "${chomp(data.http.my_ip.response_body)}/32"
}


# Key Pair
resource "tls_private_key" "rsa-4096" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

resource "aws_key_pair" "key_pair" {
  key_name   = var.key_name
  public_key = tls_private_key.rsa-4096.public_key_openssh
}

resource "local_file" "private_key" {
  content  = tls_private_key.rsa-4096.private_key_pem
  filename = var.key_name
}


# EC2 Instance
resource "aws_instance" "Terra_Ec2" {
  ami           = "ami-080e1f13689e07408"
  instance_type = "t2.medium"
  key_name      = aws_key_pair.key_pair.key_name
  vpc_security_group_ids = [aws_security_group.Terra_Ec2_sg.id]
  availability_zone = "us-east-1e"

  root_block_device {
    volume_size = 20  
    delete_on_termination = true
  }

  user_data = <<EOF
#!/bin/bash

sudo mkdir -p /home/ubuntu/access
cd /home/ubuntu/access

sudo apt-get update -y
sudo apt-get install -y git

sudo git clone https://github.com/its-a-feature/Mythic

cd /home/ubuntu/access/Mythic

sudo apt install -y ca-certificates curl gnupg

# Create the keyrings directory (if not already created)
sudo mkdir -p /etc/apt/keyrings

# Download and add the Docker GPG key
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo tee /etc/apt/keyrings/docker.asc > /dev/null
sudo chmod a+r /etc/apt/keyrings/docker.asc

echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt update -y
sudo apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

sudo apt-get install -y make
sudo make

sudo /home/ubuntu/access/Mythic/mythic-cli install github https://github.com/MythicC2Profiles/http
sudo -E /home/ubuntu/access/Mythic/mythic-cli install github https://github.com/MythicAgents/Apollo.git

sudo /home/ubuntu/access/Mythic/mythic-cli start

EOF

  tags = {
    Name = "Terra_EC2"
  }
}


# Security Group for EC2 Instance
resource "aws_security_group" "Terra_Ec2_sg" {
  name = var.security_group

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    security_groups = [aws_security_group.terraElbSg.id]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}


# VPC
data "aws_vpc" "default" {
  default = true
}


# Target Group
resource "aws_lb_target_group" "TerraEC2Tg" {
  name        = "TerraEC2Tg"
  port        = 80
  protocol    = "HTTP"
  target_type = "instance"
  vpc_id      = data.aws_vpc.default.id
}

resource "aws_lb_target_group_attachment" "TerraEC2TgAttach" {
  target_group_arn = aws_lb_target_group.TerraEC2Tg.arn
  target_id = aws_instance.Terra_Ec2.id
  port = 80
}


# Subnet
data "aws_subnets" "GetSubnet" {
  
  filter {
    name = "vpc-id"
    values = [data.aws_vpc.default.id]
  }
  filter {
    name   = "availability-zone"
    values = [aws_instance.Terra_Ec2.availability_zone, "us-east-1a"] 
  }                                               
}


# Load Balancer
resource "aws_lb" "terraElb" {
  name               = "terraElb"
  internal           = false
  load_balancer_type = "application"
  security_groups    = [aws_security_group.terraElbSg.id]
  subnets            = data.aws_subnets.GetSubnet.ids
  tags ={
    Name = "terraElb"
  }
}

resource "aws_lb_listener" "http" {
  load_balancer_arn = aws_lb.terraElb.arn
  port              = "80"
  protocol          = "HTTP"
  
  default_action {
    type             = "forward"
    forward {
      target_group{
        arn = aws_lb_target_group.TerraEC2Tg.arn
      }
    }   
  }
}


# Security Group for Load Balancer
resource "aws_security_group" "terraElbSg" {
  name = "Allow http traffic"
  vpc_id      = data.aws_vpc.default.id

  ingress {
         from_port   = 80
         to_port     = 80
         protocol    = "tcp"
         cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
         from_port   = 0
         to_port     = 0
         protocol    = "-1"
         cidr_blocks = ["0.0.0.0/0"]
  }
}


# CloudFront
resource "aws_cloudfront_distribution" "my_cloudfront_distribution" {
  origin {
    domain_name = aws_lb.terraElb.dns_name  # Use the DNS name of the Load Balancer as the origin
    origin_id   = "my-load-balancer-origin"  # Set a unique ID for the origin
    custom_origin_config {
      http_port              = 80
      https_port             = 443
      origin_protocol_policy = "http-only"
      origin_ssl_protocols   = ["TLSv1.2", "TLSv1.1"]
    }
  }

  enabled             = true
  is_ipv6_enabled     = true
  comment             = "My CloudFront Distribution"
  default_root_object = "index.html"

  # Define default cache behavior
  default_cache_behavior {
    allowed_methods  = ["GET", "HEAD", "OPTIONS", "PUT", "POST", "PATCH", "DELETE"]
    cached_methods   = ["GET", "HEAD"]
    target_origin_id = "my-load-balancer-origin"  # Use the same origin ID as defined above
    viewer_protocol_policy = "allow-all"
    forwarded_values {
      query_string = false
      cookies {
        forward = "none"
      }
    }
    min_ttl = 0
    default_ttl = 3600
    max_ttl = 86400
  }

  # Define viewer certificate (if using HTTPS)
  viewer_certificate {
    cloudfront_default_certificate = true
  }
  
  # Define restrictions, if needed (e.g., whitelist IP addresses)
  restrictions {
    geo_restriction {
      restriction_type = "none"
    }
  }
}



# Output the public IP of the instance
output "instance_ip" {
  value = <<EOF
******************************************************
| 🖥️ Machine Ip: ${aws_instance.Terra_Ec2.public_ip} |
******************************************************

EOF
}

# Output the Username of the instance
output "username" {
  value = <<EOF
********************************** 
| 👤 Username of Machine: ubuntu |
**********************************
EOF
}

# Output the Domain of the CloudFront
output "cloudfront_domain_name" {
  value = <<EOF
***********************************************************************************************
| 🌍 CloudFront Domain: ${aws_cloudfront_distribution.my_cloudfront_distribution.domain_name} |
***********************************************************************************************
EOF
}


output "destroy_infra" {
  value = <<EOF
*********************************************************
| 🗑️	Command: redinfracraft.py destroy aws c2 mythic_lb |
*********************************************************
EOF 
}


================================================
FILE: redinfracraft/Terraform/AWS/AWS_Pwndrop_Payload_Server/main.tf
================================================
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "5.46.0"
    }
  }
}


# AWS Provider
provider "aws" {
  region     = var.region
  access_key = var.access_key
  secret_key = var.secret_key
}

variable "access_key" {
  description = "AWS Access Key ID"
}

variable "secret_key" {
  description = "AWS Secret Access Key"
}

variable "region" {
  description = "AWS Region"
}

variable "key_name" {
  description = "EC2 secret file name"
}


variable "security_group" {
  description = "Security group for EC2 Instance creatted through Terraform."
  default = "Terra_Pwn_Ec2_sg"
}


data "http" "my_ip" {
  url = "https://api.ipify.org?format=text"
}

locals {
  my_ip = "${chomp(data.http.my_ip.response_body)}/32"
}

# Key Pair
resource "tls_private_key" "rsa-4096" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

resource "aws_key_pair" "key_pair" {
  key_name   = var.key_name
  public_key = tls_private_key.rsa-4096.public_key_openssh
}

resource "local_file" "private_key" {
  content  = tls_private_key.rsa-4096.private_key_pem
  filename = var.key_name
}


# EC2 Instance
resource "aws_instance" "Terra_Pwn_Ec2" {
  ami           = "ami-080e1f13689e07408"
  instance_type = "t2.micro"
  key_name      = aws_key_pair.key_pair.key_name
  security_groups = [var.security_group]
  availability_zone = "us-east-1a"

  root_block_device {
    volume_size = 16  
    delete_on_termination = true
  }

    
  user_data = <<EOF
#!/bin/bash

sudo apt update

cd /home/ubuntu

sudo apt install -y wget
wget https://github.com/kgretzky/pwndrop/releases/download/1.0.1/pwndrop-linux-amd64.tar.gz
tar zxvf pwndrop-linux-amd64.tar.gz 

EOF

  tags = {
    Name = "Terra_Pwn_Ec2"
  }
}


# Security Group for EC2 Instance
resource "aws_security_group" "Terra_Pwn_Ec2_sg" {
  name = var.security_group

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}


# VPC
data "aws_vpc" "default" {
  default = true
}


# Output the public IP of the instance
output "instance_ip" {
  value = <<EOF
**********************************************************
| 🖥️ Machine Ip: ${aws_instance.Terra_Pwn_Ec2.public_ip} |
**********************************************************
EOF
}

# Output the Username of the instance
output "username" {
  value = <<EOF
********************************** 
| 👤 Username of Machine: ubuntu |
**********************************
EOF
}

output "destroy_infra" {
  value = <<EOF
*************************************************************
| 🗑️	Command: redinfracraft.py destroy aws payload pwndrop |
*************************************************************
EOF 
}

================================================
FILE: redinfracraft/Terraform/Azure/Azure_Evilginx_Phishing_Server/main.tf
================================================
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.0"
    }
    azuread = {
      source  = "hashicorp/azuread"
      version = "~> 2.0"
    }
  }
}

/* 
Before Executing this terraform script, you need to create one Service Principal with 
Owner, User Access Administrator, User Administrator, Global Administrator Permissions.
*/

provider "azurerm" {
  features {}
  subscription_id = var.subscription_id
  client_id       = var.client_id
  client_secret   = var.client_secret
  tenant_id       = var.tenant_id
}

variable "subscription_id" {
  description = "Azure Subscription Id"
  type = string
}

variable "client_id" {
  description = "Azure Client Id"
  type = string
}

variable "client_secret" {
  description = "Azure Client Secret"
  type = string
}

variable "tenant_id" {
  description = "Azure Tenant Id"
  type = string
}

variable "vm_key_name" {
  description = "VM Secret File Name"
  type = string
}

# Key Pair
resource "tls_private_key" "rsa-4096" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

resource "local_file" "private_key" {
  content  = tls_private_key.rsa-4096.private_key_pem
  filename = var.vm_key_name
}

# 1. Create Resource Group
resource "azurerm_resource_group" "rg" {
  name     = "Mythic"
  location = "East US"
}


# 1. Create Virtual Network
resource "azurerm_virtual_network" "vnet" {
  name                = "myVNet"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  address_space       = ["10.0.0.0/16"]
}

# 3. Create Subnet
resource "azurerm_subnet" "subnet" {
  name                 = "mySubnet"
  resource_group_name  = azurerm_resource_group.rg.name
  virtual_network_name = azurerm_virtual_network.vnet.name
  address_prefixes     = ["10.0.1.0/24"]
}

# 4. Create Public IP
resource "azurerm_public_ip" "pip" {
  name                = "myPublicIP"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  allocation_method   = "Dynamic"
  domain_name_label   = "mypublicipdns12343131245325675" 
}

# 5. Create Network Interface
resource "azurerm_network_interface" "nic" {
  name                = "myNIC"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  ip_configuration {
    name                          = "myNicConfiguration"
    subnet_id                     = azurerm_subnet.subnet.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.pip.id
  }

}

# 6. Create Virtual Machine with User Data
resource "azurerm_linux_virtual_machine" "vm" {
  name                = "myVM"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  network_interface_ids = [azurerm_network_interface.nic.id]
  size                = "Standard_B1ms"

  admin_username = "azureuser"

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  source_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "18.04-LTS"
    version   = "latest"
  }

  admin_ssh_key {
    username   = "azureuser"
    public_key = tls_private_key.rsa-4096.public_key_openssh
  }

  disable_password_authentication = true

  custom_data = base64encode(file("script.sh"))
}

resource "azurerm_network_interface_security_group_association" "example" {
  network_interface_id      = azurerm_network_interface.nic.id
  network_security_group_id = azurerm_network_security_group.nsg.id
}

resource "azurerm_network_security_group" "nsg" {
  name                = "myNSG"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  security_rule {
    name                       = "Allow-HTTP-Inbound"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                  = "Tcp"
    source_port_range         = "*"
    destination_port_range    = "80"
    source_address_prefix     = "AzureFrontDoor.Backend"
    destination_address_prefix = "*"
    description               = "Allow inbound HTTP traffic using the Http tag"
   
  }

  security_rule {
    name                       = "Allow-HTTPS-Inbound"
    priority                   = 110
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                  = "Tcp"
    source_port_range         = "*"
    destination_port_range    = "443"
    source_address_prefix     = "AzureFrontDoor.Backend"
    destination_address_prefix = "*"
    description               = "Allow inbound HTTPS traffic using the Https tag"
  
  }

  security_rule {
    name                       = "Allow-SSH"
    priority                   = 120
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                  = "Tcp"
    source_port_range         = "*"
    destination_port_range    = "22"
    source_address_prefix     = "*"
    destination_address_prefix = "*"
  }
}



data "azurerm_client_config" "current" {}

# Output the public IP of the instance
output "instance_ip" {
  value = <<EOF
************************************************************************
| 🖥️ Machine Ip: ${azurerm_linux_virtual_machine.vm.public_ip_address} |
************************************************************************

EOF
}

# Output the Username of the instance
output "username" {
  value = <<EOF
*************************************
| 👤 Username of Machine: azureuser |
*************************************
EOF
}

output "destroy_infra" {
  value = <<EOF
****************************************************************
| 🗑️	Command: redinfracraft.py destroy azure phishing evilginx |
****************************************************************
EOF 
}

================================================
FILE: redinfracraft/Terraform/Azure/Azure_Evilginx_Phishing_Server/script.sh
================================================
#!/bin/bash

sudo apt update

cd /home/azureuser

sudo apt install -y wget
wget https://golang.org/dl/go1.19.5.linux-amd64.tar.gz
sudo tar -C /usr/local -xvf go1.19.5.linux-amd64.tar.gz

echo -e "export GOROOT=/usr/local/go" | sudo tee -a .profile
echo -e 'export GOPATH=$HOME/go' | sudo tee -a /home/azureuser/.profile
echo -e 'export PATH=$GOPATH/bin:$GOROOT/bin:$PATH' | sudo tee -a /home/azureuser/.profile
source .profile

sudo apt-get -y install git make
sudo git clone https://github.com/kgretzky/evilginx2.git


cd /home/azureuser/evilginx2/
sudo /usr/local/go/bin/go build -o /home/azureuser/evilginx2/evilginx2 -ldflags="-s -w -buildid=" -buildvcs=false

sudo hostnamectl set-hostname cwltraining.live

sudo reboot

================================================
FILE: redinfracraft/Terraform/Azure/Azure_GoPhish_Phishing_Server/main.tf
================================================
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.0"
    }
    azuread = {
      source  = "hashicorp/azuread"
      version = "~> 2.0"
    }
  }
}

/* 
Before Executing this terraform script, you need to create one Service Principal with 
Owner, User Access Administrator, User Administrator, Global Administrator Permissions.
*/

provider "azurerm" {
  features {}
  subscription_id = var.subscription_id
  client_id       = var.client_id
  client_secret   = var.client_secret
  tenant_id       = var.tenant_id
}

variable "subscription_id" {
  description = "Azure Subscription Id"
  type = string
}

variable "client_id" {
  description = "Azure Client Id"
  type = string
}

variable "client_secret" {
  description = "Azure Client Secret"
  type = string
}

variable "tenant_id" {
  description = "Azure Tenant Id"
  type = string
}

variable "vm_key_name" {
  description = "VM Secret File Name"
  type = string
}

# Key Pair
resource "tls_private_key" "rsa-4096" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

resource "local_file" "private_key" {
  content  = tls_private_key.rsa-4096.private_key_pem
  filename = var.vm_key_name
}

# 1. Create Resource Group
resource "azurerm_resource_group" "rg" {
  name     = "Mythic"
  location = "East US"
}


# 1. Create Virtual Network
resource "azurerm_virtual_network" "vnet" {
  name                = "myVNet"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  address_space       = ["10.0.0.0/16"]
}

# 3. Create Subnet
resource "azurerm_subnet" "subnet" {
  name                 = "mySubnet"
  resource_group_name  = azurerm_resource_group.rg.name
  virtual_network_name = azurerm_virtual_network.vnet.name
  address_prefixes     = ["10.0.1.0/24"]
}

# 4. Create Public IP
resource "azurerm_public_ip" "pip" {
  name                = "myPublicIP"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  allocation_method   = "Dynamic"
  domain_name_label   = "mypublicipdns12343131245325675" 
}

# 5. Create Network Interface
resource "azurerm_network_interface" "nic" {
  name                = "myNIC"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  ip_configuration {
    name                          = "myNicConfiguration"
    subnet_id                     = azurerm_subnet.subnet.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.pip.id
  }

}

# 6. Create Virtual Machine with User Data
resource "azurerm_linux_virtual_machine" "vm" {
  name                = "myVM"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  network_interface_ids = [azurerm_network_interface.nic.id]
  size                = "Standard_B1ms"

  admin_username = "azureuser"

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  source_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "18.04-LTS"
    version   = "latest"
  }

  admin_ssh_key {
    username   = "azureuser"
    public_key = tls_private_key.rsa-4096.public_key_openssh
  }

  disable_password_authentication = true

  custom_data = base64encode(file("script.sh"))
}

resource "azurerm_network_interface_security_group_association" "example" {
  network_interface_id      = azurerm_network_interface.nic.id
  network_security_group_id = azurerm_network_security_group.nsg.id
}

resource "azurerm_network_security_group" "nsg" {
  name                = "myNSG"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  security_rule {
    name                       = "Allow-HTTP-Inbound"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                  = "Tcp"
    source_port_range         = "*"
    destination_port_range    = "80"
    source_address_prefix     = "AzureFrontDoor.Backend"
    destination_address_prefix = "*"
    description               = "Allow inbound HTTP traffic using the Http tag"
   
  }

  security_rule {
    name                       = "Allow-HTTPS-Inbound"
    priority                   = 110
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                  = "Tcp"
    source_port_range         = "*"
    destination_port_range    = "443"
    source_address_prefix     = "AzureFrontDoor.Backend"
    destination_address_prefix = "*"
    description               = "Allow inbound HTTPS traffic using the Https tag"
  
  }

  security_rule {
    name                       = "Allow-SSH"
    priority                   = 120
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                  = "Tcp"
    source_port_range         = "*"
    destination_port_range    = "22"
    source_address_prefix     = "*"
    destination_address_prefix = "*"
  }
}



data "azurerm_client_config" "current" {}

# Output the public IP of the instance
output "instance_ip" {
  value = <<EOF
************************************************************************
| 🖥️ Machine Ip: ${azurerm_linux_virtual_machine.vm.public_ip_address} |
************************************************************************
EOF
}

# Output the Username of the instance
output "username" {
  value = <<EOF
*************************************
| 👤 Username of Machine: azureuser |
*************************************
EOF
}

output "destroy_infra" {
  value = <<EOF
***************************************************************
| 🗑️	Command: redinfracraft.py destroy azure phishing gophish |
***************************************************************
EOF 
}

================================================
FILE: redinfracraft/Terraform/Azure/Azure_GoPhish_Phishing_Server/script.sh
================================================
#!/bin/bash

sudo apt update

cd /home/azureuser

sudo apt install -y git 
sudo apt install -y wget
sudo wget https://github.com/gophish/gophish/releases/download/0.7.1/gophish-v0.7.1-linux-64bit.zip
sudo apt install -y unzip
sudo unzip gophish-v0.7.1-linux-64bit.zip  
chmod +x gophish

sudo sh -c 'echo "" > config.json'

echo '{
        "admin_server": {
                "listen_url": "0.0.0.0:3333",
                "use_tls": true,
                "cert_path": "gophish_admin.crt",
                "key_path": "gophish_admin.key"
        },
        "phish_server": {
                "listen_url": "0.0.0.0:80",
                "use_tls": false,
                "cert_path": "example.crt",
                "key_path": "example.key"
        },
        "db_name": "sqlite3",
        "db_path": "gophish.db",
        "migrations_prefix": "db/db_",
        "contact_address": ""
}' | sudo tee config.json > /dev/null

sudo apt install -y sqlite3
sudo sqlite3 gophish.db;

================================================
FILE: redinfracraft/Terraform/Azure/Azure_Mythic_C2/main.tf
================================================
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.0"
    }
    azuread = {
      source  = "hashicorp/azuread"
      version = "~> 2.0"
    }
  }
}

/* 
Before Executing this terraform script, you need to create one Service Principal with 
Owner, User Access Administrator, User Administrator, Global Administrator Permissions.
*/

provider "azurerm" {
  features {}
  subscription_id = var.subscription_id
  client_id       = var.client_id
  client_secret   = var.client_secret
  tenant_id       = var.tenant_id
}

variable "subscription_id" {
  description = "Azure Subscription Id"
  type = string
}

variable "client_id" {
  description = "Azure Client Id"
  type = string
}

variable "client_secret" {
  description = "Azure Client Secret"
  type = string
}

variable "tenant_id" {
  description = "Azure Tenant Id"
  type = string
}

variable "vm_key_name" {
  description = "VM Secret File Name"
  type = string
}

# Key Pair
resource "tls_private_key" "rsa-4096" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

resource "local_file" "private_key" {
  content  = tls_private_key.rsa-4096.private_key_pem
  filename = var.vm_key_name
}

# 1. Create Resource Group
resource "azurerm_resource_group" "rg" {
  name     = "Mythic"
  location = "East US"
}


# 1. Create Virtual Network
resource "azurerm_virtual_network" "vnet" {
  name                = "myVNet"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  address_space       = ["10.0.0.0/16"]
}

# 3. Create Subnet
resource "azurerm_subnet" "subnet" {
  name                 = "mySubnet"
  resource_group_name  = azurerm_resource_group.rg.name
  virtual_network_name = azurerm_virtual_network.vnet.name
  address_prefixes     = ["10.0.1.0/24"]
}

# 4. Create Public IP
resource "azurerm_public_ip" "pip" {
  name                = "myPublicIP"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  allocation_method   = "Dynamic"
  domain_name_label   = "mypublicipdns12343131245325675" 
}

# 5. Create Network Interface
resource "azurerm_network_interface" "nic" {
  name                = "myNIC"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  ip_configuration {
    name                          = "myNicConfiguration"
    subnet_id                     = azurerm_subnet.subnet.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.pip.id
  }

}

# 6. Create Virtual Machine with User Data
resource "azurerm_linux_virtual_machine" "vm" {
  name                = "myVM"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  network_interface_ids = [azurerm_network_interface.nic.id]
  size                = "Standard_B1ms"

  admin_username = "azureuser"

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  source_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "18.04-LTS"
    version   = "latest"
  }

  admin_ssh_key {
    username   = "azureuser"
    public_key = tls_private_key.rsa-4096.public_key_openssh
  }

  disable_password_authentication = true

  custom_data = base64encode(file("script.sh"))
}

resource "azurerm_network_interface_security_group_association" "example" {
  network_interface_id      = azurerm_network_interface.nic.id
  network_security_group_id = azurerm_network_security_group.nsg.id
}

resource "azurerm_network_security_group" "nsg" {
  name                = "myNSG"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  security_rule {
    name                       = "Allow-HTTP-Inbound"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                  = "Tcp"
    source_port_range         = "*"
    destination_port_range    = "80"
    source_address_prefix     = "AzureFrontDoor.Backend"
    destination_address_prefix = "*"
    description               = "Allow inbound HTTP traffic using the Http tag"
   
  }

  security_rule {
    name                       = "Allow-HTTPS-Inbound"
    priority                   = 110
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                  = "Tcp"
    source_port_range         = "*"
    destination_port_range    = "443"
    source_address_prefix     = "AzureFrontDoor.Backend"
    destination_address_prefix = "*"
    description               = "Allow inbound HTTPS traffic using the Https tag"
  
  }

  security_rule {
    name                       = "Allow-SSH"
    priority                   = 120
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                  = "Tcp"
    source_port_range         = "*"
    destination_port_range    = "22"
    source_address_prefix     = "*"
    destination_address_prefix = "*"
  }
}

data "azurerm_client_config" "current" {}

# Output the public IP of the instance
output "instance_ip" {
  value = <<EOF
************************************************************************
| 🖥️ Machine Ip: ${azurerm_linux_virtual_machine.vm.public_ip_address} |
************************************************************************

EOF
}

# Output the Username of the instance
output "username" {
  value = <<EOF
*************************************
| 👤 Username of Machine: azureuser |
*************************************
EOF
}

output "destroy_infra" {
  value = <<EOF
********************************************************
| 🗑️	Command: redinfracraft.py destroy azure c2 mythic |
********************************************************
EOF 
}

================================================
FILE: redinfracraft/Terraform/Azure/Azure_Mythic_C2/script.sh
================================================
#!/bin/bash

sudo mkdir -p /home/azureuser/access
cd /home/azureuser/access

sudo apt-get update -y
sudo apt-get install -y git

sudo git clone https://github.com/its-a-feature/Mythic

cd /home/azureuser/access/Mythic

sudo apt install -y ca-certificates curl gnupg

# Create the keyrings directory (if not already created)
sudo mkdir -p /etc/apt/keyrings

# Download and add the Docker GPG key
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo tee /etc/apt/keyrings/docker.asc > /dev/null
sudo chmod a+r /etc/apt/keyrings/docker.asc

echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt update -y
sudo apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

sudo apt-get install -y make
sudo make

sudo /home/azureuser/access/Mythic/mythic-cli install github https://github.com/MythicC2Profiles/http
sudo -E /home/azureuser/access/Mythic/mythic-cli install github https://github.com/MythicAgents/Apollo.git

sudo /home/azureuser/access/Mythic/mythic-cli start


================================================
FILE: redinfracraft/Terraform/Azure/Azure_Mythic_C2_with_Frontdoor/main.tf
================================================
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.0"
    }
    azuread = {
      source  = "hashicorp/azuread"
      version = "~> 2.0"
    }
  }
}

/* 
Before Executing this terraform script, you need to create one Service Principal with 
Owner, User Access Administrator, User Administrator, Global Administrator Permissions.
*/

provider "azurerm" {
  features {}
  subscription_id = var.subscription_id
  client_id       = var.client_id
  client_secret   = var.client_secret
  tenant_id       = var.tenant_id
}

variable "subscription_id" {
  description = "Azure Subscription Id"
  type = string
}

variable "client_id" {
  description = "Azure Client Id"
  type = string
}

variable "client_secret" {
  description = "Azure Client Secret"
  type = string
}

variable "tenant_id" {
  description = "Azure Tenant Id"
  type = string
}

variable "vm_key_name" {
  description = "VM Secret File Name"
  type = string
}

# Key Pair
resource "tls_private_key" "rsa-4096" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

resource "local_file" "private_key" {
  content  = tls_private_key.rsa-4096.private_key_pem
  filename = var.vm_key_name
}

# 1. Create Resource Group
resource "azurerm_resource_group" "rg" {
  name     = "Mythic"
  location = "East US"
}


# 1. Create Virtual Network
resource "azurerm_virtual_network" "vnet" {
  name                = "myVNet"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  address_space       = ["10.0.0.0/16"]
}

# 3. Create Subnet
resource "azurerm_subnet" "subnet" {
  name                 = "mySubnet"
  resource_group_name  = azurerm_resource_group.rg.name
  virtual_network_name = azurerm_virtual_network.vnet.name
  address_prefixes     = ["10.0.1.0/24"]
}

# 4. Create Public IP
resource "azurerm_public_ip" "pip" {
  name                = "myPublicIP"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  allocation_method   = "Dynamic"
  domain_name_label   = "mypublicipdns12343131245325675" 
}

# 5. Create Network Interface
resource "azurerm_network_interface" "nic" {
  name                = "myNIC"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  ip_configuration {
    name                          = "myNicConfiguration"
    subnet_id                     = azurerm_subnet.subnet.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.pip.id
  }

}

# 6. Create Virtual Machine with User Data
resource "azurerm_linux_virtual_machine" "vm" {
  name                = "myVM"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  network_interface_ids = [azurerm_network_interface.nic.id]
  size                = "Standard_B1ms"

  admin_username = "azureuser"

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  source_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "18.04-LTS"
    version   = "latest"
  }

  admin_ssh_key {
    username   = "azureuser"
    public_key = tls_private_key.rsa-4096.public_key_openssh
  }

  disable_password_authentication = true

  custom_data = base64encode(file("script.sh"))
}

resource "azurerm_network_interface_security_group_association" "example" {
  network_interface_id      = azurerm_network_interface.nic.id
  network_security_group_id = azurerm_network_security_group.nsg.id
}

resource "azurerm_network_security_group" "nsg" {
  name                = "myNSG"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  security_rule {
    name                       = "Allow-HTTP-Inbound"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                  = "Tcp"
    source_port_range         = "*"
    destination_port_range    = "80"
    source_address_prefix     = "AzureFrontDoor.Backend"
    destination_address_prefix = "*"
    description               = "Allow inbound HTTP traffic using the Http tag"
   
  }

  security_rule {
    name                       = "Allow-HTTPS-Inbound"
    priority                   = 110
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                  = "Tcp"
    source_port_range         = "*"
    destination_port_range    = "443"
    source_address_prefix     = "AzureFrontDoor.Backend"
    destination_address_prefix = "*"
    description               = "Allow inbound HTTPS traffic using the Https tag"
  
  }

  security_rule {
    name                       = "Allow-SSH"
    priority                   = 120
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                  = "Tcp"
    source_port_range         = "*"
    destination_port_range    = "22"
    source_address_prefix     = "*"
    destination_address_prefix = "*"
  }
}



data "azurerm_client_config" "current" {}

resource "azurerm_cdn_frontdoor_profile" "example" {
  name                = "example-profile"
  resource_group_name = azurerm_resource_group.rg.name
  sku_name            = "Premium_AzureFrontDoor"
}

resource "azurerm_cdn_frontdoor_origin_group" "example" {
  name                     = "example-origingroup"
  cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.example.id

  health_probe {
    interval_in_seconds = 240
    path                = "/"
    protocol            = "Http"
    request_type        = "HEAD"
  }

  load_balancing {}
}

resource "azurerm_cdn_frontdoor_origin" "example" {
  name                          = "example-origin"
  cdn_frontdoor_origin_group_id = azurerm_cdn_frontdoor_origin_group.example.id
  enabled                       = true

  certificate_name_check_enabled = true

  host_name          = azurerm_linux_virtual_machine.vm.public_ip_address
  http_port          = 80
  https_port         = 443
  origin_host_header = azurerm_linux_virtual_machine.vm.public_ip_address
  priority           = 1
  weight             = 1
}

resource "azurerm_cdn_frontdoor_endpoint" "example" {
  name                     = "example-xoxo-testing-endpoint"
  cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.example.id
}

resource "azurerm_cdn_frontdoor_route" "example" {
  name                          = "example-route"
  cdn_frontdoor_endpoint_id     = azurerm_cdn_frontdoor_endpoint.example.id
  cdn_frontdoor_origin_group_id = azurerm_cdn_frontdoor_origin_group.example.id
  cdn_frontdoor_origin_ids      = [azurerm_cdn_frontdoor_origin.example.id]
  enabled                       = true

  forwarding_protocol    = "HttpOnly"
  https_redirect_enabled = true
  patterns_to_match      = ["/*"]
  supported_protocols    = ["Http", "Https"]
}

# Output the public IP of the instance
output "instance_ip" {
  value = <<EOF
************************************************************************
| 🖥️ Machine Ip: ${azurerm_linux_virtual_machine.vm.public_ip_address} |
************************************************************************
EOF
}

# Output the Username of the instance
output "username" {
  value = <<EOF
*************************************
| 👤 Username of Machine: azureuser |
*************************************
EOF
}

# Output the Domain of the CloudFront
output "cloudfront_domain_name" {
  value = <<EOF
*****************************************************************************
| 🌍 CloudFront Domain: ${azurerm_cdn_frontdoor_endpoint.example.host_name} |
*****************************************************************************
EOF
}


output "destroy_infra" {
  value = <<EOF
***********************************************************
| 🗑️	Command: redinfracraft.py destroy azure c2 mythic_lb |
***********************************************************
EOF 
}

================================================
FILE: redinfracraft/Terraform/Azure/Azure_Mythic_C2_with_Frontdoor/script.sh
================================================
#!/bin/bash

sudo mkdir -p /home/azureuser/access
cd /home/azureuser/access

sudo apt-get update -y
sudo apt-get install -y git

sudo git clone https://github.com/its-a-feature/Mythic

cd /home/azureuser/access/Mythic

sudo apt install -y ca-certificates curl gnupg

# Create the keyrings directory (if not already created)
sudo mkdir -p /etc/apt/keyrings

# Download and add the Docker GPG key
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo tee /etc/apt/keyrings/docker.asc > /dev/null
sudo chmod a+r /etc/apt/keyrings/docker.asc

echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt update -y
sudo apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

sudo apt-get install -y make
sudo make

sudo /home/azureuser/access/Mythic/mythic-cli install github https://github.com/MythicC2Profiles/http
sudo -E /home/azureuser/access/Mythic/mythic-cli install github https://github.com/MythicAgents/Apollo.git

sudo /home/azureuser/access/Mythic/mythic-cli start


================================================
FILE: redinfracraft/Terraform/Azure/Azure_Pwndrop_Payload_Server/main.tf
================================================
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.0"
    }
    azuread = {
      source  = "hashicorp/azuread"
      version = "~> 2.0"
    }
  }
}

/* 
Before Executing this terraform script, you need to create one Service Principal with 
Owner, User Access Administrator, User Administrator, Global Administrator Permissions.
*/

provider "azurerm" {
  features {}
  subscription_id = var.subscription_id
  client_id       = var.client_id
  client_secret   = var.client_secret
  tenant_id       = var.tenant_id
}

variable "subscription_id" {
  description = "Azure Subscription Id"
  type = string
}

variable "client_id" {
  description = "Azure Client Id"
  type = string
}

variable "client_secret" {
  description = "Azure Client Secret"
  type = string
}

variable "tenant_id" {
  description = "Azure Tenant Id"
  type = string
}

variable "vm_key_name" {
  description = "VM Secret File Name"
  type = string
}

# Key Pair
resource "tls_private_key" "rsa-4096" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

resource "local_file" "private_key" {
  content  = tls_private_key.rsa-4096.private_key_pem
  filename = var.vm_key_name
}

# 1. Create Resource Group
resource "azurerm_resource_group" "rg" {
  name     = "Mythic"
  location = "East US"
}


# 1. Create Virtual Network
resource "azurerm_virtual_network" "vnet" {
  name                = "myVNet"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  address_space       = ["10.0.0.0/16"]
}

# 3. Create Subnet
resource "azurerm_subnet" "subnet" {
  name                 = "mySubnet"
  resource_group_name  = azurerm_resource_group.rg.name
  virtual_network_name = azurerm_virtual_network.vnet.name
  address_prefixes     = ["10.0.1.0/24"]
}

# 4. Create Public IP
resource "azurerm_public_ip" "pip" {
  name                = "myPublicIP"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  allocation_method   = "Dynamic"
  domain_name_label   = "mypublicipdns12343131245325675" 
}

# 5. Create Network Interface
resource "azurerm_network_interface" "nic" {
  name                = "myNIC"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  ip_configuration {
    name                          = "myNicConfiguration"
    subnet_id                     = azurerm_subnet.subnet.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.pip.id
  }

}

# 6. Create Virtual Machine with User Data
resource "azurerm_linux_virtual_machine" "vm" {
  name                = "myVM"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  network_interface_ids = [azurerm_network_interface.nic.id]
  size                = "Standard_B1ms"

  admin_username = "azureuser"

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  source_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "18.04-LTS"
    version   = "latest"
  }

  admin_ssh_key {
    username   = "azureuser"
    public_key = tls_private_key.rsa-4096.public_key_openssh
  }

  disable_password_authentication = true

  custom_data = base64encode(file("script.sh"))
}

resource "azurerm_network_interface_security_group_association" "example" {
  network_interface_id      = azurerm_network_interface.nic.id
  network_security_group_id = azurerm_network_security_group.nsg.id
}

resource "azurerm_network_security_group" "nsg" {
  name                = "myNSG"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  security_rule {
    name                       = "Allow-HTTP-Inbound"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                  = "Tcp"
    source_port_range         = "*"
    destination_port_range    = "80"
    source_address_prefix     = "AzureFrontDoor.Backend"
    destination_address_prefix = "*"
    description               = "Allow inbound HTTP traffic using the Http tag"
   
  }

  security_rule {
    name                       = "Allow-HTTPS-Inbound"
    priority                   = 110
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                  = "Tcp"
    source_port_range         = "*"
    destination_port_range    = "443"
    source_address_prefix     = "AzureFrontDoor.Backend"
    destination_address_prefix = "*"
    description               = "Allow inbound HTTPS traffic using the Https tag"
  
  }

  security_rule {
    name                       = "Allow-SSH"
    priority                   = 120
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                  = "Tcp"
    source_port_range         = "*"
    destination_port_range    = "22"
    source_address_prefix     = "*"
    destination_address_prefix = "*"
  }
}



data "azurerm_client_config" "current" {}


# Output the public IP of the instance
output "instance_ip" {
  value = <<EOF
************************************************************************
| 🖥️ Machine Ip: ${azurerm_linux_virtual_machine.vm.public_ip_address} |
************************************************************************
EOF
}

# Output the Username of the instance
output "username" {
  value = <<EOF
*************************************
| 👤 Username of Machine: azureuser |
*************************************
EOF
}

output "destroy_infra" {
  value = <<EOF
**************************************************************
| 🗑️	Command: redinfracraft.py destroy azure payload pwndrop |
**************************************************************
EOF 
}

================================================
FILE: redinfracraft/Terraform/Azure/Azure_Pwndrop_Payload_Server/script.sh
================================================
#!/bin/bash

sudo apt update

cd /home/azureuser

sudo apt install -y wget
wget https://github.com/kgretzky/pwndrop/releases/download/1.0.1/pwndrop-linux-amd64.tar.gz
tar zxvf pwndrop-linux-amd64.tar.gz 

================================================
FILE: redinfracraft/Terraform/GCP/GCP_Mythic_C2_with_ELB/mythic.tf
================================================
provider "google" {
  project = "${var.project_id}"
  region  = var.location
}

variable "location" {
  description = "GCP Location for Cloud Function"
}

variable "project_id" {
  description = "GCP Project ID"
}

resource "google_compute_instance" "default" {
  name         = "test-instance"
  machine_type = "n2-standard-2"
  zone         = "us-central1-c"

  tags = ["foo", "bar"]

  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-11"
      labels = {
        my_label = "value"
      }
    }
  }

  // Local SSD disk
  scratch_disk {
    interface = "NVME"
  }

  network_interface {
    network = "default"

    access_config {
      // Ephemeral public IP
    }
  }

  metadata = {
    foo = "bar"
  }




  service_account {
    # Google recommends custom service accounts that have cloud-platform scope and permissions granted via IAM Roles.
    email  = "517443832736-compute@developer.gserviceaccount.com"
    scopes = ["cloud-platform"]
  }
}

# Allow HTTP traffic
resource "google_compute_firewall" "allow_http" {
  name    = "allow-http"
  network = "default"

  allow {
    protocol = "tcp"
    ports    = ["80"]
  }

  source_ranges = ["34.49.246.127/32"]
  target_tags   = ["foo", "bar"]
}

# Allow HTTPS traffic
resource "google_compute_firewall" "allow_https" {
  name    = "allow-https"
  network = "default"

  allow {
    protocol = "tcp"
    ports    = ["443"]
  }

  source_ranges = [google_compute_global_address.default.address]
  target_tags   = ["foo", "bar"]
}

# Allow Load Balancer Health Checks
resource "google_compute_firewall" "allow_health_checks" {
  name    = "allow-health-checks"
  network = "default"

  allow {
    protocol = "tcp"
    ports    = ["80", "443"]
  }

  source_ranges = [
    "130.211.0.0/22",
    "35.191.0.0/16",
    "108.170.220.0/23",
    "108.170.221.0/24"
  ]
  target_tags   = ["foo", "bar"]
}


resource "google_compute_instance_group" "webservers" {
  name        = "test-webservers"
  description = "Terraform test instance group"

  instances = [
    google_compute_instance.default.id,
  ]

  named_port {
    name = "http"
    port = "80"
  }

  zone = "us-central1-c"
}


# Create a Global HTTP Load Balancer
resource "google_compute_global_address" "default" {
  name = "testelb"
}

# Backend Service using the Instance Group
resource "google_compute_backend_service" "default" {
  name          = "test-backend-service"
  health_checks = [google_compute_health_check.default.id]

  backend {
    group = google_compute_instance_group.webservers.id
  }
}

# Health Check for the Backend
resource "google_compute_health_check" "default" {
  name = "test-health-check"

  tcp_health_check {
    port = 80
  }
}

# URL Map (Default Routing)
resource "google_compute_url_map" "default" {
  name            = "test-url-map"
  default_service = google_compute_backend_service.default.id
}

# Target HTTP Proxy
resource "google_compute_target_http_proxy" "default" {
  name    = "test-target-proxy"
  url_map = google_compute_url_map.default.id
}

# Global Forwarding Rule (Frontend)
resource "google_compute_global_forwarding_rule" "default" {
  name       = "test-forwarding-rule"
  target     = google_compute_target_http_proxy.default.id
  port_range = "80"
  ip_address = google_compute_global_address.default.address
}


================================================
FILE: redinfracraft/Terraform/GCP/GCP_Mythic_C2_with_ELB/script.sh
================================================
#!/bin/bash
set -ex

mkdir /home/access
cd /home/access

sudo mkdir -p /etc/apt/keyrings

curl -fsSL https://download.docker.com/linux/debian/gpg | sudo tee /etc/apt/keyrings/docker.asc > /dev/null

sudo apt update -y


echo "deb [signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian bullseye stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt update -y
sudo apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

sudo git clone https://github.com/its-a-feature/Mythic
sudo apt-get install -y make

cd /home/access/Mythic
sudo make

sudo /home/access/Mythic/mythic-cli install github https://github.com/MythicC2Profiles/http
sudo /home/access/Mythic/mythic-cli install github https://github.com/MythicAgents/Apollo.git
sudo /home/access/Mythic/mythic-cli start


================================================
FILE: redinfracraft/Terraform/terraform.auto.tfvars
================================================
# AWS Authentication
access_key = "YOUR_ACCESS_KEY_ID"
secret_key = "YOUR_SECRET_ACCESS_KEY"
region     = "YOUR_AWS_REGION"
# EC2 Secret File Name without.PEM
key_name = "EC2_PEM_FILE_NAME"


# Azure Authentication
subscription_id = "YOUR_SUBSCRIPTION_ID"
client_id = "_YOUR_CLIENT_ID"
client_secret = "YOUR_CLIENT_SECRET"
tenant_id = "YOUR_TENANT_ID"
# VM Secret File Name without.PEM
vm_key_name = "EC2_PEM_FILE_NAME"


# GCP Authentication
project_id = "YOUR_PROJECT_ID"
location = "YOUR_GCP_LOCATION"

================================================
FILE: redinfracraft/redinfracraft.py
================================================
import argparse
import os

current_dir = os.getcwd()
tfvars_file = os.path.join(current_dir, "Terraform", "terraform.auto.tfvars")


def change_directory(path):
    # Use os.path.join to handle cross-platform paths
    target_path = os.path.join(current_dir, path)
    os.chdir(target_path)


def createTerrformCommand():
    os.system('terraform init')
    os.system(f'terraform apply -auto-approve -var-file={tfvars_file}')


def destroyTerrformCommand():
    os.system('terraform init')
    os.system(f'terraform destroy -auto-approve -var-file={tfvars_file}')


# Function to deploy Mythic C2 for AWS
def deploy_mythic_c2_aws():
    change_directory("Terraform/AWS/AWS_Mythic_C2")
    createTerrformCommand()


# Function to deploy Mythic C2 for Azure
def deploy_mythic_c2_azure():
    change_directory("Terraform/Azure/Azure_Mythic_C2")
    createTerrformCommand()


# Function to deploy Mythic C2 with ELB and CloudFront for AWS
def deploy_elb_c2_aws():
    change_directory("Terraform/AWS/AWS_Mythic_C2_with_CloudFront")
    createTerrformCommand()


# Function to deploy Mythic C2 with Frontdoor for Azure
def deploy_elb_c2_azure():
    change_directory("Terraform/Azure/Azure_Mythic_C2_with_Frontdoor")
    createTerrformCommand()


# Function to deploy Mythic C2 with ELB for GCP
def deploy_elb_c2_gcp():
    change_directory("Terraform/GCP/GCP_Mythic_C2_with_ELB")
    createTerrformCommand()


# Function to deploy Pwndrop for AWS
def deploy_pwndrop_aws():
    change_directory("Terraform/AWS/AWS_Pwndrop_Payload_Server")
    createTerrformCommand()


# Function to deploy Pwndrop for Azure
def deploy_pwndrop_azure():
    change_directory("Terraform/Azure/Azure_Pwndrop_Payload_Server")
    createTerrformCommand()


# Function to deploy gophish for AWS
def deploy_gophish_aws():
    change_directory("Terraform/AWS/AWS_GoPhish_Phishing_Server")
    createTerrformCommand()


# Function to deploy gophish for Azure
def deploy_gophish_azure():
    change_directory("Terraform/Azure/Azure_GoPhish_Phishing_Server")
    createTerrformCommand()


# Function to deploy Evilginx for AWS
def deploy_evilginx_aws():
    change_directory("Terraform/AWS/AWS_Evilginx_Phishing_Server")
    createTerrformCommand()


# Function to deploy Evilginx for Azure
def deploy_evilginx_azure():
    change_directory("Terraform/Azure/Azure_Evilginx_Phishing_Server")
    createTerrformCommand()


# Function to destroy Mythic C2 for AWS
def destroy_mythic_c2_aws():
    change_directory("Terraform/AWS/AWS_Mythic_C2")
    destroyTerrformCommand()


# Function to destroy Mythic C2 for Azure
def destroy_mythic_c2_azure():
    change_directory("Terraform/Azure/Azure_Mythic_C2")
    destroyTerrformCommand()


# Function to destroy Mythic C2 with ELB and CloudFront for AWS
def destroy_elb_c2_aws():
    change_directory("Terraform/AWS/AWS_Mythic_C2_with_CloudFront")
    destroyTerrformCommand()


# Function to destroy Mythic C2 with Frontdoor for Azure
def destroy_elb_c2_azure():
    change_directory("Terraform/Azure/Azure_Mythic_C2_with_Frontdoor")
    destroyTerrformCommand()


# Function to destroy Mythic C2 with ELB for GCP
def destroy_elb_c2_gcp():
    change_directory("Terraform/GCP/GCP_Mythic_C2_with_Frontdoor")
    destroyTerrformCommand()

# Function to destroy Pwndrop for AWS
def destroy_pwndrop_aws():
    change_directory("Terraform/AWS/AWS_Pwndrop_Payload_Server")
    destroyTerrformCommand()


# Function to destroy Pwndrop for Azure
def destroy_pwndrop_azure():
    change_directory("Terraform/Azure/Azure_Pwndrop_Payload_Server")
    destroyTerrformCommand()


# Function to destroy gophish for AWS
def destroy_gophish_aws():
    change_directory("Terraform/AWS/AWS_GoPhish_Phishing_Server")
    destroyTerrformCommand()


# Function to destroy GoPhish for Azure
def destroy_gophish_azure():
    change_directory("Terraform/Azure/Azure_GoPhish_Phishing_Server")
    destroyTerrformCommand()


# Function to destroy Evilginx for AWS
def destroy_evilginx_aws():
    change_directory("Terraform/AWS/AWS_Evilginx_Phishing_Server")
    destroyTerrformCommand()


# Function to destroy Evilginx for Azure
def destroy_evilginx_azure():
    change_directory("Terraform/Azure/Azure_Evilginx_Phishing_Server")
    destroyTerrformCommand()


# Main function
def main():
    parser = argparse.ArgumentParser(description='Tool for deploying or destroying infrastructure.')
    subparsers = parser.add_subparsers(dest='action', help='Action to perform')

    # Sub-parser for creating infrastructure
    parser_create = subparsers.add_parser('create', help='To Create infrastructure')
    parser_create.add_argument('cloud', choices=['aws', 'azure', 'gcp'], help='Cloud provider (aws/azure/gcp)')
    parser_create.add_argument('infra', choices=['c2', 'payload', 'phishing', 'full_infra'],
                               help='Infrastructure to create')
    parser_create.add_argument('type', nargs='?', choices=['mythic', 'mythic_lb', 'pwndrop', 'gophish', 'evilginx'],
                               help='Type of infrastructure')

    # Sub-parser for destroying infrastructure
    parser_destroy = subparsers.add_parser('destroy', help='To Destroy infrastructure')
    parser_destroy.add_argument('cloud', choices=['aws', 'azure', 'gcp'], help='Cloud provider (aws/azure/gcp)')
    parser_destroy.add_argument('infra', choices=['c2', 'payload', 'phishing', 'full_infra'],
                                help='Infrastructure to destroy')
    parser_destroy.add_argument('type', nargs='?', choices=['mythic', 'mythic_lb', 'pwndrop', 'gophish', 'evilginx'],
                                help='Type of infrastructure to destroy')

    # Add info command
    parser_info = subparsers.add_parser('info',
                                        help='Shows info message, Try "redinfracraft.py.py info" to know more about this tool.')

    # Add help command
    parser_help = subparsers.add_parser('help',
                                        help='Shows help message, Try "redinfracraft.py.py help" to view available options.')

    args = parser.parse_args()

    # Mapping infrastructure and cloud types to functions
    action_map = {
        'create': {
            'aws': {
                'c2': {'mythic': deploy_mythic_c2_aws, 'mythic_lb': deploy_elb_c2_aws},
                'payload': {'pwndrop': deploy_pwndrop_aws},
                'phishing': {'gophish': deploy_gophish_aws, 'evilginx': deploy_evilginx_aws},
                'full_infra': lambda: (
                deploy_elb_c2_aws(), deploy_pwndrop_aws(), deploy_gophish_aws(), deploy_evilginx_aws())
            },
            'azure': {
                'c2': {'mythic': deploy_mythic_c2_azure, 'mythic_lb': deploy_elb_c2_azure},
                'payload': {'pwndrop': deploy_pwndrop_azure},
                'phishing': {'gophish': deploy_gophish_azure, 'evilginx': deploy_evilginx_azure},
                'full_infra': lambda: (
                deploy_elb_c2_azure(), deploy_pwndrop_azure(), deploy_gophish_azure(), deploy_evilginx_azure())
            },
            'gcp': {
                'c2': {'mythic_lb': deploy_elb_c2_gcp}
            }
        },
        'destroy': {
            'aws': {
                'c2': {'mythic': destroy_mythic_c2_aws, 'mythic_lb': destroy_elb_c2_aws},
                'payload': {'pwndrop': destroy_pwndrop_aws},
                'phishing': {'gophish': destroy_gophish_aws, 'evilginx': destroy_evilginx_aws},
                'full_infra': lambda: (
                destroy_elb_c2_aws(), destroy_pwndrop_aws(), destroy_gophish_aws(), destroy_evilginx_aws())
            },
            'azure': {
                'c2': {'mythic': destroy_mythic_c2_azure, 'mythic_lb': destroy_elb_c2_azure},
                'payload': {'pwndrop': destroy_pwndrop_azure},
                'phishing': {'gophish': destroy_gophish_azure, 'evilginx': destroy_evilginx_azure},
                'full_infra': lambda: (
                destroy_elb_c2_azure(), destroy_pwndrop_azure(), destroy_gophish_azure(), destroy_evilginx_azure())
            },
            'gcp': {
                'c2': {'mythic_lb': destroy_elb_c2_gcp},
            }
        }
    }

    # Execute the mapped function
    if args.action in action_map:
        try:
            if args.infra == 'full_infra':
                action_map[args.action][args.cloud][args.infra]()
            else:
                action_map[args.action][args.cloud][args.infra][args.type]()
        except KeyError:
            print("""
    Invalid combination of arguments!!

    I am here to assist You :)

        Try "redinfracraft.py info" to know more about this tool.

        Try "redinfracraft.py --help" to know about arguments.

        Try "redinfracraft.py help" to view available options. 
                    """)
    elif args.action == 'info':
        print_info_message()
    elif args.action == 'help':
        print_help_message()



def print_info_message():
    print(""" 

**********************************************************************************************************************************************************
*    ________   _______   _____     _________   ___         _   _______   ________     ----       _______   ________     ----     _______   _________    *   
*   (  ____  ) (  _____) (  __ \   (___   ___) (   \       | ) (  _____) (  ____  )   / __ \     / ______) (  ____  )   / __ \   (  _____) (___   ___)   *     
*   | |    | | | (       | (  \ \      | |     | |\ \      | | | (       | |    | |  / /  \ \   / /        | |    | |  / /  \ \  | (           | |       *
*   | |____| | | |       | |   \ \     | |     | | \ \     | | | |       | |____| | | |    | | / /         | |____| | | |    | | | |           | |       *
*   | _  ____) | (_____  | |    \ \    | |     | |  \ \    | | | (_____  | _  ____) | (____) | | |         | _  ____) | (____) | | (_____      | |       *
*   | |\ \     |  _____) | |    | |    | |     | |   \ \   | | |  _____) | |\ \     |  ____  | | |         | |\ \     |  ____  | |  _____)     | |       *  
*   | | \ \    | (       | |    / /    | |     | |    \ \  | | | (       | | \ \    | (    ) | | |         | | \ \    | (    ) | | (           | |       *
*   | |  \ \   | |       | |   / /     | |     | |     \ \ | | | |       | |  \ \   | |    | | \ \         | |  \ \   | |    | | | |           | |       *  
*   | |   \ \  | (_____  | (__/ /   ___| |___  | |      \ \| | | |       | |   \ \  | |    | |  \ \______  | |   \ \  | |    | | | |           | |       * 
*   (_|    \_\ (_______) (_____/   (_________) (_|       \___) (_|       (_|    \_\ (_|    |_)   \_______) (_|    \_\ (_|    |_) (_|           |_|       *     
*                                                                                                                                                        *
*                                                                                                                                         - Version-2    *
*                                                                                                                                                        *
********************************************************************************************************************************************************** 



                       Introducing RedInfraCraft (V2) - your go-to tool for seamlessly crafting and overseeing cloud infrastructures, tailored 
            specifically for Red Teamers!! With RedInfraCraft (V2), you're not just deploying some infrastructures; you are crafting a digital 
            masterpiece. Whether you're forging Mythic C2s, shaping ELB architectures, or crafting cunning phishing setups, RedInfraCraft (V2) 
            empowers you to build, deploy, and manage with unparalleled ease. Let's turn your cloud dreams into infrastructural realities with 
            RedInfraCraft (V2) - where every deployment is a stroke of genius!"

                                                                                                             - CyberWarFare Labs

    """)


def print_help_message():
    print("""

Infrastructures:

    1) C2 - "Mythic C2", "Mythic C2 with CloudFront and Load Balancer", "Mythic C2 with Frontdoor & CDN"
    2) Payload - "Pwndrop"
    3) Phishing - "EvilGinx", "GoPhish"
    4) All in One Infra - "Mythic C2 with CloudFront and Load Balancer, Pwndrop, EvilGinx, GoPhish", "Mythic C2 with Frontdoor & CDN, pwndrop, Gophish, and Evilginx"     


Cloud Providers:
    1) AWS
    2) Azure
    3) GCP


Command Explanation:
    --> redinfracraft.py  action  cloud_provider  infra_type  infra
    E.g redinfracraft.py  create       aws            c2      mythic
    E.g redinfracraft.py  destroy      azure          c2      mythic
    E.g redinfracraft.py  create       gcp            c2      mythic


Commands to Create Infrastructure:

    --> Create Mythic C2 infrastructure for AWS:
            redinfracraft.py create aws c2 mythic 

    --> Create Mythic C2 infrastructure for Azure:
            redinfracraft.py create azure c2 mythic

    --> Create ELB with Mythic C2 infrastructure for AWS:
            redinfracraft.py create aws c2 mythic_lb

    --> Create ELB with Mythic C2 infrastructure for Azure:
            redinfracraft.py create azure c2 mythic_lb
            
    --> Create ELB with Mythic C2 infrastructure for GCP:
            redinfracraft.py create gcp c2 mythic_lb

    --> Create pwndrop payload infrastructure for AWS:
            redinfracraft.py create aws payload pwndrop

    --> Create pwndrop payload infrastructure for Azure:
            redinfracraft.py create azure payload pwndrop

    --> Create Gophish phishing infrastructure for AWS:
            redinfracraft.py create aws phishing gophish

    --> Create Gophish phishing infrastructure for Azure:
            redinfracraft.py create azure phishing gophish

    --> Create Evilginx phishing infrastructure for AWS:
            redinfracraft.py create aws phishing evilginx

    --> Create Evilginx phishing infrastructure for Azure:
            redinfracraft.py create azure phishing evilginx

    --> Create full infrastructure (Mythic C2 with ELB & CloudFront, pwndrop, Gophish, and Evilginx):
            redinfracraft.py create aws full_infra

    --> Create full infrastructure (Mythic C2 with Frontdoor & CDN, pwndrop, Gophish, and Evilginx):
            redinfracraft.py create azure full_infra


Commands to Destroy Infrastructure:
    --> Destroy Mythic C2 infrastructure for AWS:

            redinfracraft.py destroy aws c2 mythic

    --> Destroy Mythic C2 infrastructure for Azure:
            redinfracraft.py destroy azure c2 mythic

    --> Destroy ELB with Mythic C2 infrastructure for AWS:
            redinfracraft.py destroy aws c2 mythic_lb

    --> Destroy ELB with Mythic C2 infrastructure for Azure:
            redinfracraft.py destroy azure c2 mythic_lb

    --> Destroy ELB with Mythic C2 infrastructure for GCP:
            redinfracraft.py destroy gcp c2 mythic_lb

    --> Destroy pwndrop payload infrastructure for AWS:
            redinfracraft.py destroy aws payload pwndrop

    --> Destroy pwndrop payload infrastructure for Azure:
            redinfracraft.py destroy azure payload pwndrop

    --> Destroy GoPhish phishing infrastructure for AWS:
            redinfracraft.py destroy aws phishing gophish

    --> Destroy GoPhish phishing infrastructure for Azure:
            redinfracraft.py destroy azure phishing gophish

    --> Destroy EvilGinx phishing infrastructure for AWS:
            redinfracraft.py destroy aws phishing evilginx

    --> Destroy EvilGinx phishing infrastructure for Azure:
            redinfracraft.py destroy azure phishing evilginx     

    --> Destroy full infrastructure (Mythic C2 with ELB & CloudFront, pwndrop, Gophish, and Evilginx):
            redinfracraft.py destroy aws full_infra

    --> Destroy full infrastructure (Mythic C2 with Frontdoor & CDN, pwndrop, Gophish, and Evilginx):
            redinfracraft.py destroy azure full_infra
    """)


# Execute main function
if __name__ == "__main__":
    main()