C2 Teamserver · Multi-Operator

Command.
Infiltrate.
Persist.

The full-featured C2 platform for professional red teams. Live session management, a modular shard engine, AES-256-CBC encryption end-to-end, and an Arsenal that builds, signs, and stages Windows & Linux agents, all from one interface.

Request a Demo Explore Features

CORP-WS4721

UUID: a3f8b2c1

Username CORP\jsmith

OS Win 10 x64

Internal IP 172.16.0.22

PID 8124

Sleep 5000ms ±10%

Last Seen 3s ago

DC-Ops

Shard Execution Log

✓ amsi-bypass Evasion

✓ whoami Recon

● screenshot Recon

✓ persistence-registry Persist

Modular Post-Exploitation

100+ On-Demand
Execution Shards

Ship capability without bloating the implant. Perceptor's shard engine delivers self-contained modules to the agent on demand, compatible with Windows and Linux. Drop a .shard file and it's immediately available to every operator on the team.

100+ shards, compatible with Windows and Linux
Defense Evasion, Recon, File Ops, Persistence & Collection
In-browser editor: write, import, or modify shards live
AES-encrypted delivery, shard code never transits in plaintext

Shard Manager ×

ALL 100+

WINDOWS

LINUX

WIN amsi-bypass · 2.1KB Defense Evasion

WIN av-check · 1696B Defense Evasion

WIN arp · 1668B Reconnaissance

LNX cat · 1638B File Operations

WIN persistence-registry · 980B Persistence

WIN clipboard · 629B Collection

Implant Fabrication

Build. Sign.
Stage. Deploy.

The Arsenal is Perceptor's end-to-end implant factory. Configure your callback URL, AES comms key, jitter, and namespace. Compose evasion and persistence fragments, then compile and Authenticode-sign a Windows or Linux agent in seconds, all server-side.

Server-side compilation and agent generation
Authenticode signing with self-signed or custom certificates
Fragment injection: AMSI bypass, AntiVM, persistence baked in
Configurable sleep + jitter, UUID, namespace, malleable profile

Arsenal · Agent Builder ×

Callback URL

https://192.168.1.47:8443

Sleep Interval (ms)

5000

Jitter (ms)

500

AES Encryption Key

a3f8b2c1d4e5f6a7b8c9d0e1f2a3b4c5 Random

Namespace

conduit

Malleable Profile

OneDrive2 ▾

Target Intelligence

Real-Time Agent
Intelligence

Know exactly where your implants are operating. Perceptor automatically resolves each agent's geolocation and identity, plotting them on a tactical dark map with country, city, ISP, ASN, and coordinates surfaced at a glance.

Automatically resolved on first agent check-in
Country, city, latitude/longitude, ISP & ASN
Per-agent detail overlay with full session context at a glance
Tactical dark map theme for mission-appropriate aesthetics

Agent Intelligence ×

🇮🇹 Italy

Hostname CORP-WS4721

Username CORP\jsmith

Internal IP 172.16.0.22

City Milan

Coords 45.46, 9.19

Transport Security

Traffic is end-to-end encrypted,
regardless of protocol.

Every byte between Perceptor's implant and your teamserver is encrypted with AES-256-CBC using a per-build pre-shared key registered at agent build time. A passive observer sees nothing actionable.

AES-256-CBC · HMAC-SHA256 Request Signing · Per-Build Key

Time Source Destination Protocol Length Info

12:34:01 172.16.0.22 10.0.0.1:8443 HTTP 214 GET /api/v1/sync 200 OK

12:34:01 172.16.0.22 10.0.0.1:8443 DATA 512 4f8a3b2c1d5e9f7a6b4c8d3e2f1a0b9c8d7e6f5a4b3c2d1e0f9a8b7c6d5e4f3...

12:34:06 172.16.0.22 10.0.0.1:8443 HTTP 198 GET /api/v1/sync 200 OK

12:34:06 172.16.0.22 10.0.0.1:8443 DATA 1024 9c8d7e6f5a4b3c2d1e0f9a8b7c6d5e4f3a2b1c0d9e8f7a6b5c4d3e2f1a0b9c8...

12:34:11 172.16.0.22 10.0.0.1:8443 HTTP 214 POST /api/v1/sync 200 OK

12:34:11 172.16.0.22 10.0.0.1:8443 DATA 2048 b1c0d9e8f7a6b5c4d3e2f1a0b9c8d7e6f5a4b3c2d1e0f9a8b7c6d5e4f3a2b1c0...

Traffic Shaping

Malleable
HTTP Profiles

Make your C2 traffic look like anything. Perceptor's malleable profile engine lets you remap request headers, spoof the User-Agent, customize URI paths, and wrap response bodies so agent check-ins blend seamlessly with legitimate web traffic.

Fully configurable request headers with custom names
Inject agent User-Agent at build time (OneDrive, Teams, browser)
Custom URI paths, response Content-Type, body wrap prefix/suffix
Saved profiles, selectable at agent build time from the Arsenal

Malleable Profiles ×

New Profile

Name

e.g. OneDrive Sync

URI Path

/api/v1/sync

Identity Header

Drive-Id

Session Header

Client-Session

Signing Header

Client-Signature

Spoof User-Agent (injected into agent)

OneDrive/22.232.1107.0009 (Windows NT 10.0)

Response Content-Type

application/json

Wrap Prefix

{"d":

Saved Profiles

NAME URI IDENTITY CONTENT-TYPE WRAP

OneDrive2 /api/v1/sync Drive-Id application/json ✓

Operational Security

Configurable
External Appearance

Your teamserver's login page is operator-controlled. Select from built-in templates: a generic network monitor, a Windows-era server manager, a neutral admin panel. Or write a fully custom HTML template with CSS inline. No external URLs. No fingerprint.

4 built-in decoy templates, instantly swappable
Full custom HTML/CSS, no external links required
Live preview before activation
Template validation: checks required field names & CSRF token

ACTIVE TEMPLATE: Network Monitor

Built-In Templates

Perceptor Default

Standard login dialog

Preview Select

Easy Server Mgr

Win-era server console

Preview Select

Network Monitor

Dark header, amber accents

Preview Selected

Admin Panel

Gray/white enterprise

Preview Select

Custom Template

<!DOCTYPE html>
<html lang="en">
<head>
/* all CSS inline, no external links */
</head>
<body>
%CSRF_TOKEN%
</body>

Core Capabilities

Everything a Red Team Needs

From initial foothold to full domain visibility. Perceptor gives your operators the infrastructure to run sophisticated, multi-stage engagements with full accountability.

Multi-Operator RBAC

Three-tier role system (Analyst, Operator, Admin) enforced server-side on every endpoint. Analysts observe, operators execute, admins govern. Concurrent sessions with no conflicts.

Full Audit Logging

Every operator action is timestamped, attributed by user and role, and logged with source IP. 2,000-entry audit trail with event stream for complete deconfliction in any engagement debrief.

Live Session Management

Real-time agent table with alive/dead status derived from beacon intervals. Per-agent task queuing, output capture, screenshot exfiltration, file download, and geolocation, all in one view.

Defense Evasion Primitives

14 fragment primitives for AMSI bypass, ETW patching, AntiVM (sleep timing), persistence via registry, COM hijacking hooks, and sleep-based sandbox detection, composable at agent build time.

Multi-Port Listeners

Spawn multiple simultaneous listeners on different ports, health-checked on every poll cycle. PID-tracked and reconciled on startup, no stale state after reboots.

Operator Collaboration

Persistent team chat, named colour-coded agent groups, per-agent notes, and a shared event stream. Run a coordinated multi-operator engagement without stepping on each other.

Get Access

Request a
Demo

Perceptor is available exclusively to verified red teams, penetration testing firms, and authorized government operations. Submit your details and a Black Star operator will reach out promptly.

[email protected]

Last updated: June 5, 2026

1. Controller

The data controller is Black Star Technologies, represented by Luigi Fiore (P.Iva IT10802321215), reachable at [email protected].

2. Data We Collect

When you use our contact form, we collect: your name, email address, organization, and message content. We do not collect payment data through this website.

3. Purpose and Legal Basis

Data is processed solely to respond to your inquiry. The legal basis is your consent (Art. 6(1)(a) GDPR).

4. Data Retention

Contact form submissions are retained for up to 24 months.

5. Third Parties

We use hCaptcha for bot protection. No personal data is sold or shared with third parties for marketing purposes.

6. Your Rights

Under GDPR you have the right to access, rectify, erase, restrict, and port your data. Contact [email protected].

Last updated: June 5, 2026

1. Acceptance

By accessing Perceptor or any Black Star Technologies platform you agree to these Terms.

2. Authorized Use Only

Perceptor is licensed exclusively for authorized, lawful security operations. Use against systems you do not own or have explicit written permission to test is strictly prohibited.

3. Account Eligibility

Access is granted solely to vetted operators: accredited red teams, penetration testing firms, government agencies, and defense organizations.

4. Intellectual Property

All source code, documentation, and tooling remain the exclusive property of Luigi Fiore / Black Star Technologies. You may not reverse-engineer, redistribute, or sublicense any component.

5. Governing Law

These Terms are governed by the laws of Italy.

6. Contact

Legal inquiries: [email protected].

Command. Infiltrate. Persist.

100+ On-DemandExecution Shards

Build. Sign.Stage. Deploy.

Real-Time AgentIntelligence

Traffic is end-to-end encrypted,regardless of protocol.

MalleableHTTP Profiles

ConfigurableExternal Appearance

Everything a Red Team Needs

Multi-Operator RBAC

Full Audit Logging

Live Session Management

Defense Evasion Primitives

Multi-Port Listeners

Operator Collaboration

Operators first.Every designdecision.

Request aDemo

Command.
Infiltrate.
Persist.

100+ On-Demand
Execution Shards

Build. Sign.
Stage. Deploy.

Real-Time Agent
Intelligence

Traffic is end-to-end encrypted,
regardless of protocol.

Malleable
HTTP Profiles

Configurable
External Appearance

Operators first.
Every design
decision.

Request a
Demo