User Guide
Paragon is a Red Team engagement platform. It aims to unify offensive tools behind a simple UI, abstracting much of the backend work to enable operators to focus on writing implants and spend less time worrying about databases and css. The repository also provides some offensive tools already integrated with Paragon that can be used during engagements.
The below sections outline Paragon's core concepts and provide a reference for terminology used throughout the platform.
A Target represents an attackable system, storing relevant information collected from it. A last-seen timestamp is updated when activity (i.e. a callback) is received for a Target, enabling users to monitor the Target's compromise status. Credentials can be added for a Target, providing services with necessary connection information.
A Task is a unit of work for a service to perform and is used to track execution results and status information. Tasks may reference a Target to provide contextual information for the service executing it. For example, a Task created for Paragon's built-in C2 service will be executed by an implant on the Target system when a callback is received for the corresponding Target.
Queuing a Job will create Tasks for the selected Targets. It provides the user with a single aggregate view of related Tasks that may execute the same instructions across many Targets. When queuing a new Job, the user may provide the following information to control Paragon's behaviour:
- A name to act as a human-readable identifier used to reference the job.
- The service that should be instructed to perform related-work.
- By default this is Paragon's built-in C2 service, which sends each Task to the corresponding target when a callback from the target is received.
- Which Targets to create new Tasks for.
- A new Task is created for each Target that is specified, setting an edge between the Task and Target.
- When no Targets are specified, a single Task is created that is not bound to any Target.
Tags are used as a generic grouping mechanism for entities and have a variety of use-cases. A primary use-case is adding Tags to group related Targets (i.e. "Windows"), enabling the user to queue a Job for a group of Targets instead of individually specifying them.
