Whispergate

InfraGuard is a Command & Control Redirection Proxy and Manager which protects your Red Team Infrastructure against threat attribution

100% credibility
Found Mar 30, 2026 at 45 stars
AI Analysis
Python
AI Summary

InfraGuard protects red team command-and-control servers by filtering inbound traffic against C2 profiles, redirecting scanners and bots to decoys while proxying legitimate beacons.

How It Works

1. 🔍 Discover your shield

You learn about a handy protector that hides your secret online operations from nosy scanners and bots.

2. 🚀 Quick one-click setup

Get it running on your computer in minutes with a simple starter guide—no tech headaches.

3. 🏠 Connect your sites

Tell it which pretend websites to watch and where real connections from your tools should go.

4. 🛡️ Set your defenses

Choose blocks for known troublemakers, countries, or patterns so only good traffic gets through.

5. 🌐 Launch it online

Put your protector between the internet and your setup, ready to handle real traffic.

6. 📊 Watch it work

Open the live dashboard to see good connections zoom through while fakes get sent away.

🏆 Operations secured

Scanners and probes bounce to decoy sites, your real tools connect safely—mission success!

AI-Generated Review

What is InfraGuard?

InfraGuard is a Python-based command and control redirection proxy that protects red team infrastructure against threat attribution. It sits between the internet and your C2 teamserver, validating inbound requests against Cobalt Strike malleable profiles or Mythic HTTPX configs, while redirecting scanners, bots, and probes to decoy sites. Deployed via Docker Compose with Let's Encrypt support, it handles HTTP/HTTPS, DNS, MQTT, and WebSocket traffic across multiple domains.

Why is it gaining traction?

Unlike single-file tools like RedWarden, InfraGuard offers scoring-based filters (IP intel, geo, bot detection, replay protection), auto-updating threat feeds, and content delivery for payloads via PwnDrop integration. A web dashboard and terminal UI provide real-time request logs and stats, plus SIEM plugins for Elasticsearch, Wazuh, Discord, and Slack alerts. CLI tools for profile parsing, config generation (Nginx/Caddy/Apache), and rule ingestion from .htaccess files make ops smooth.

Who should use this?

Red team operators running Cobalt Strike or Mythic servers who need to mask C2 endpoints from scanners like Shodan or Censys. Pentesters managing multi-domain infra in engagements where attribution risks blue team detection. Teams wanting edge proxies on Cloudflare Workers or AWS Lambda for domain fronting.

Verdict

Promising modern alternative to legacy redirectors, but at 45 stars and 1.0% credibility, it's early-stage—docs are solid via wiki, but expect bugs in multi-protocol setups. Try for low-risk staging domains first.
