I made a post that goes through the details and thought process behind writing a ransomware payload for training purposes. It goes over how the entire killchain works and how each component is written as well as defense evasion techniques employed throughout the process. Finally, it goes over how to automate the killchain so that it is reliable and repeatable.
This post covers the use of internal proxy techniques and some employment considerations.
SpecterInsight is a cross-platform, post-exploitation command and control framework based on .NET for red team engagements, threat emulation, and training. Distinguishing features include:
There is also a free, indefinite evaluation license that includes the full product. Most of the SpecterScripts are open source, so it's a good way to learn. I thought people here might find it useful.