windows

Documentation

• User Guide - Complete installation and usage guide
• AI Operations Skills - Comprehensive guide for AI agents and automation tools
• MCP Protocol Support - Model Context Protocol integration for AI assistants
• Compose Orchestration Guide - Best practices for multi-service orchestration
• Template Repository - Pre-configured infrastructure templates
• Online Templates - Browse and download templates

Redc is built on Terraform, further simplifying the complete lifecycle (create, configure, destroy) of red team infrastructure.

Redc is not just a machine provisioning tool, but an automated cloud resource scheduler!

• One-command deployment, from purchasing machines to running services, fully automated without manual intervention
• Multi-cloud support, compatible with Alibaba Cloud, Tencent Cloud, AWS and other mainstream cloud providers
• Pre-configured scenarios, red team environment ready-to-use templates, no more hunting for resources
• State resource management, locally saves resource state, destroy environments anytime, eliminate wasted resource costs

GUI Features

The redc GUI provides a comprehensive graphical management interface covering the entire workflow from deployment to operations.

📊 Dashboard

• Scenario statistics (total/running/stopped/error)
• Network diagnostics (Terraform endpoint connectivity)
• Account balance and monthly bill queries
• Recent AI conversations, recent tasks, MCP status
• Quick navigation links

Pre-configured Scenarios

🤖 AI Chat

Multi-turn conversational AI assistant with 7 modes:

• Free Chat — General Q&A
• Agent — Autonomously calls tools to complete complex tasks (create scenarios, execute commands, analyze status)
• Deploy Assistant — Describe your needs in one sentence, AI deploys automatically and returns results
• Template Generation — Generate Terraform templates from requirements
• Scenario Recommendation — Recommend optimal scenario plans based on objectives
• Cost Optimization — Analyze current resource usage and provide cost-saving suggestions
• Error Analysis — Paste error logs, AI analyzes causes and provides fixes

Supports streaming output, tool call visualization, ask_user human-in-the-loop decisions, conversation history persistence, and chat export.

Automated Attack Testing with Security Tools

Launch an AWS instance with nuclei installed, then scan a dedicated vulnerability testing site http://testfire.net/

Multi-Region + Compose Orchestration

Spin up 2 proxy pool machines on both Aliyun and AWS, then generate a Clash config for me

Zero-Friction Vulnerability Reproduction Environment

Deploy a vulhub CVE-2017-7504 vulnerability testing environment, enable SSH access and send me the credentials.

💻 SSH Terminal

Built-in multi-session SSH terminal manager:

• Multi-tab management for multiple SSH connections
• One-click SSH from scenario instances (multi-instance selection support)
• Manual connection to external hosts
• Command snippet quick input
• File manager (upload/download/browse)
• Port forwarding management

🛒 Software Store

One-stop tool installation platform based on f8x:

• 80+ pentest/dev/ops tools with category browsing
• Keyword search, batch selection install
• Quick presets (Full Pentest/Dev Environment/Blue Team/C2 Setup, etc.)
• Install via SSH terminal with interactive support
• Online catalog auto-sync (dynamically loaded from f8x repository)
• Installation history and status tracking

⏰ Task Center

Scheduled task management:

• Schedule scenario start/stop
• Schedule SSH command execution
• Repeat types: once/daily/weekly/interval
• Task execution history

🧠 Agent Memory

AI Agent automatically remembers operational experience and user preferences, persisted across conversations. Manageable via the Agent Memory page.

🌐 Web Service

Built-in HTTP API service for remote management:

• Admin/Operator/Viewer three-tier role control
• Operation audit logs
• Token authentication

🔌 Plugin System

Supports scenario lifecycle hook plugins that automatically execute custom logic on scenario start/stop.

GUI Development & Debugging

The redc GUI is built with Wails + Svelte + Vite.

Prerequisites

1. Install Go (recommended 1.21+)
2. Install Node.js (recommended 18+)
3. Install Wails CLI

go install github.com/wailsapp/wails/v2/cmd/wails@latest

Start Dev Mode

From the project root:

wails dev

Troubleshooting:

• Frontend deps missing: run npm install in frontend/
• HMR issues: delete frontend/node_modules and reinstall

GUI Build & Release

From the project root:

wails build

# windows
wails build -platform windows/amd64

# linux
wails build -platform linux/amd64

Artifacts are output to build/bin.

The GUI version is currently available for download from releases.

For platform/arch options, see Wails docs: https://wails.io/docs/guides/building/

CLI Installation and Configuration

redc Engine Installation

Download Binary Package

REDC download address: https://github.com/wgpsec/redc/releases

Download the compressed file for your system, extract it and run it from the command line.

HomeBrew Installation (WIP)

Install

brew install wgpsec/tap/redc

Update

brew update
brew upgrade redc

Build from Source

goreleaser

git clone https://github.com/wgpsec/redc.git
cd redc
goreleaser --snapshot --clean

# Build artifacts are generated under the dist directory

Template Selection

By default, redc reads the template folder at ~/redc/redc-templates; the folder name is the scenario name when deploying.

You can download template scenarios yourself; scenario names correspond to the template repository https://github.com/wgpsec/redc-template

Online address: https://redc.wgpsec.org/

redc pull aliyun/ecs

For specific usage and commands for each scenario, please check the readme of the specific scenario in the template repository https://github.com/wgpsec/redc-template

Engine Configuration File

redc needs AK/SK credentials to start machines.

By default, redc reads the config.yaml configuration file from your home directory at ~/redc/config.yaml. Create it if missing:

vim ~/redc/config.yaml

Example content:

# Multi-cloud credentials and default regions
providers:
  aws:
    AWS_ACCESS_KEY_ID: "AKIDXXXXXXXXXXXXXXXX"
    AWS_SECRET_ACCESS_KEY: "WWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW"
    region: "us-east-1"
  aliyun:
    ALICLOUD_ACCESS_KEY: "AKIDXXXXXXXXXXXXXXXX"
    ALICLOUD_SECRET_KEY: "WWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW"
    region: "cn-hangzhou"
  tencentcloud:
    TENCENTCLOUD_SECRET_ID: "AKIDXXXXXXXXXXXXXXXX"
    TENCENTCLOUD_SECRET_KEY: "WWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW"
    region: "ap-guangzhou"
  volcengine:
    VOLCENGINE_ACCESS_KEY: "AKIDXXXXXXXXXXXXXXXX"
    VOLCENGINE_SECRET_KEY: "WWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW"
    region: "cn-beijing"
  huaweicloud:
    HUAWEICLOUD_ACCESS_KEY: "AKIDXXXXXXXXXXXXXXXX"
    HUAWEICLOUD_SECRET_KEY: "WWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW"
    region: "cn-north-4"
  google:
    GOOGLE_CREDENTIALS: '{"type":"service_account","project_id":"your-project",...}'
    project: "your-project-id"
    region: "us-central1"
  azure:
    ARM_CLIENT_ID: "00000000-0000-0000-0000-000000000000"
    ARM_CLIENT_SECRET: "your-client-secret"
    ARM_SUBSCRIPTION_ID: "00000000-0000-0000-0000-000000000000"
    ARM_TENANT_ID: "00000000-0000-0000-0000-000000000000"
  oracle:
    OCI_CLI_USER: "ocid1.user.oc1..aaaaaaa..."
    OCI_CLI_TENANCY: "ocid1.tenancy.oc1..aaaaaaa..."
    OCI_CLI_FINGERPRINT: "aa:bb:cc:dd:ee:ff:00:11:22:33:44:55:66:77:88:99"
    OCI_CLI_KEY_FILE: "~/.oci/oci_api_key.pem"
    OCI_CLI_REGION: "us-ashburn-1"
  cloudflare:
    CF_EMAIL: "you@example.com"
    CF_API_KEY: "your-cloudflare-api-key"

If the configuration file fails to load, it will attempt to read system environment variables, please configure them before use.

AWS environment variables

• Docs: https://docs.aws.amazon.com/sdkref/latest/guide/feature-static-credentials.html

Linux/macOS example:

export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

Windows example:

setx AWS_ACCESS_KEY_ID AKIAIOSFODNN7EXAMPLE
setx AWS_SECRET_ACCESS_KEY wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

Alibaba Cloud environment variables

• Docs: https://help.aliyun.com/zh/terraform/terraform-authentication

Linux/macOS example (use a shell init file like .bash_profile or .zshrc to persist):

export ALICLOUD_ACCESS_KEY="<AccessKey ID>"
export ALICLOUD_SECRET_KEY="<AccessKey Secret>"
# If you use STS credentials, also set security_token
export ALICLOUD_SECURITY_TOKEN="<STS Token>"

Windows example:

In System Properties > Advanced > Environment Variables, add ALICLOUD_ACCESS_KEY, ALICLOUD_SECRET_KEY, and ALICLOUD_SECURITY_TOKEN (optional).

Tencent Cloud environment variables

• Docs: https://cloud.tencent.com/document/product/1278/85305

Linux/macOS example:

export TENCENTCLOUD_SECRET_ID=<YourSecretId>
export TENCENTCLOUD_SECRET_KEY=<YourSecretKey>

Windows example:

set TENCENTCLOUD_SECRET_ID=<YourSecretId>
set TENCENTCLOUD_SECRET_KEY=<YourSecretKey>

Volcengine environment variables

• Docs: https://www.volcengine.com/docs/6291/65568

Linux/macOS example:

export VOLCENGINE_ACCESS_KEY=<YourAccessKey>
export VOLCENGINE_SECRET_KEY=<YourSecretKey>

Windows example:

set VOLCENGINE_ACCESS_KEY=<YourAccessKey>
set VOLCENGINE_SECRET_KEY=<YourSecretKey>

Quick Start

redc is designed with Docker-like commands

Use redc -h to view common command help

Initialize Template

Required for first-time use of templates. To speed up template deployment, it's recommended to run init after modifying redc-templates content to speed up subsequent deployments

redc init

By default, init sweeps all scenarios under ~/redc/redc-templates to warm the Terraform provider cache.

List Template List

redc image ls

Create and Start Instance

ecs is the template file name

redc plan --name boring_sheep_ecs  [template_name] # Plan an instance (this process validates the configuration but doesn't create infrastructure)
# After plan completes, it returns a caseid which can be used with the start command to actually create infrastructure
redc start [caseid]
redc start [casename]

Directly plan and start a case with template name ecs

redc run aliyun/ecs

After starting, it will provide a case id, which is the unique identifier for the scenario, required for subsequent operations For example, 8a57078ee8567cf2459a0358bc27e534cb87c8a02eadc637ce8335046c16cb3c can use 8a57078ee856 with the same effect

Use -e parameter to configure variables

redc run -e xxx=xxx ecs

Stop instance

redc stop [caseid] # Stop instance
redc rm [caseid] # Delete instance (confirm the instance is stopped before deleting)
redc kill [caseid] # After init template, stop and delete instance

View case status

redc ps

Execute commands

Directly execute command and return result

redc exec [caseid] whoami

Enter interactive command mode

redc exec -t [caseid] bash

Copy files to server

redc cp test.txt [caseid]:/root/

Download files to local

redc cp [caseid]:/root/test.txt ./

Change service

This requires template support for changes, can switch elastic public IP

redc change [caseid]

JSON Output

All CLI commands support --output json (short form -o json), producing structured JSON output for scripting and automation.

Basic Usage

# List all cases in JSON format
redc ps -o json

# Start a case and get structured result
redc run aliyun/ecs --output json

# Check case status
redc status [caseid] -o json

# Search templates
redc search aliyun -o json

# List local templates
redc image ls -o json

Output Format

On success:

{"data": { ... }}

On error:

{"error": "error message"}

Scripting Examples

# Start a case and extract the case id
CASE_ID=$(redc run aliyun/ecs -o json | jq -r '.data.id')

# Query case output information
redc status $CASE_ID -o json | jq '.data.outputs'

# Batch stop all running cases
redc ps -o json | jq -r '.data[] | select(.state=="running") | .id' | xargs -I{} redc stop {}

In JSON mode, all log output is suppressed — only a single line of JSON is written to stdout. Default text output behavior is unaffected.

MCP (Model Context Protocol) Support

redc now supports the Model Context Protocol, enabling seamless integration with AI assistants and automation tools.

Key Features

• Two Transport Modes: STDIO for local integration and SSE for web-based access
• Comprehensive Tools: Create, manage, and execute commands on infrastructure
• AI-Friendly: Works with Claude Desktop, custom AI tools, and automation platforms
• Secure: STDIO runs locally with no network exposure; SSE can be restricted to localhost

Quick Start

Start STDIO Server (for Claude Desktop integration):

redc mcp stdio

Start SSE Server (for web-based clients):

# Default (localhost:8080)
redc mcp sse

# Custom port
redc mcp sse localhost:9000

Available Tools

• list_templates - List all available templates
• list_cases - List all cases in the project
• plan_case - Plan a new case from template (preview resources without creating)
• start_case / stop_case / kill_case - Manage case lifecycle
• get_case_status - Check case status
• exec_command - Execute commands on cases

Example: Integrate with Chrerry stdio

Taking Chrerry stdio as an example, simply fill in http://localhost:9000/sse to get the tool information

Usage examples:

• Test

  

• Start machine

  

• Execute command

  

• Stop machine

  

Example: Integrate with Claude Desktop

Add to ~/Library/Application Support/Claude/claude_desktop_config.json:

{
  "mcpServers": {
    "redc": {
      "command": "/path/to/redc",
      "args": ["mcp", "stdio"]
    }
  }
}

For detailed documentation, see MCP.md.

Compose Orchestration Service

redc provides an orchestration service that allows you to manage multiple cloud service instances simultaneously through YAML configuration files, enabling complex infrastructure deployments.

Quick Start

Configuration File Example (Full Example)

version: "3.9"

# Service definitions
services:
  # Alibaba Cloud ECS instance
  aliyun_server:
    image: aliyun/ecs
    container_name: my_aliyun_ecs
    command: |
      echo "Alibaba Cloud ECS initialized"
      uptime
  
  # Volcengine ECS instance
  volcengine_server:
    image: volcengine/ecs
    container_name: my_volcengine_ecs
    command: |
      echo "Volcengine ECS initialized"
      uptime

# Post-deployment tasks
setup:
  - name: "Check Alibaba Cloud instance"
    service: aliyun_server
    command: hostname && ip addr show

  - name: "Check Volcengine instance"
    service: volcengine_server
    command: hostname && ip addr show

Common Commands

# Preview configuration
redc compose config redc-compose.yaml

# Start orchestration
redc compose up redc-compose.yaml

# Stop orchestration
redc compose down redc-compose.yaml

Detailed Documentation

For complete usage guide, advanced features, and best practices, see Compose Orchestration Guide.

Configure Cache and Acceleration

Configure cache address only:

echo 'plugin_cache_dir = "$HOME/.terraform.d/plugin-cache"' > ~/.terraformrc

Configure Alibaba Cloud acceleration, modify ~/.terraformrc file

plugin_cache_dir  = "$HOME/.terraform.d/plugin-cache"
disable_checkpoint = true
provider_installation {
  network_mirror {
    url = "https://mirrors.aliyun.com/terraform/"
    # Restrict only Alibaba Cloud related Providers to download from domestic mirror source
    include = ["registry.terraform.io/aliyun/alicloud",
               "registry.terraform.io/hashicorp/alicloud",
              ]
  }
  direct {
    # Declare that except for Alibaba Cloud related Providers, other Providers keep original download link
    exclude = ["registry.terraform.io/aliyun/alicloud",
               "registry.terraform.io/hashicorp/alicloud",
              ]
  }
}

Design Plan

1. Create a new project first
2. Creating a scenario under a specified project will copy a scenario folder from the scenario library to the project folder
3. Creating the same scenario under different projects will not interfere with each other
4. Creating the same scenario under the same project will not interfere with each other
5. Multiple user operations will not interfere with each other (local authentication is done, but this should actually be done on the platform)

• redc configuration file (~/redc/config.yaml)
• Project1 (./project1)
  • Scenario1 (./project1/[uuid1])
    • main.tf
    • version.tf
    • output.tf
  • Scenario2 (./project1/[uuid2])
    • main.tf
    • version.tf
    • output.tf
  • Project status file (project.ini)
• Project2 (./project2)
  • Scenario1 (./project2/[uuid1])
    • main.tf
    • version.tf
    • output.tf
  • Scenario2 (./project2/[uuid2])
    • ...
  • Project status file (project.ini)
• Project3 (./project3)
  • ...

Article Introduction

• https://mp.weixin.qq.com/s/JH-IlL_GFgZp3xXeOFzZeQ

FAQ

macOS Installation Issues

When using the compiled app package, you may encounter the following issues:

• "xxx is damaged and can't be opened. You should move it to the Trash."
• "Cannot open xxx because Apple cannot check it for malicious software."
• "Cannot open xxx because it is from an unidentified developer."

macOS has a GateKeeper protection mechanism. Files downloaded from the internet are automatically tagged with the com.apple.quarantine attribute, which can be understood as "quarantine isolation." The system applies restrictions to the file based on this attribute.

As macOS versions evolve, the restrictions on com.apple.quarantine have become increasingly strict. In newer versions of macOS, you may see aggressive warnings like "image damaged" or "application damaged."

You can resolve this issue by manually removing the quarantine attribute. Execute the following command:

sudo xattr -r -d com.apple.quarantine /Applications/redc-gui.app