Spectre C2 is a platform for authorized satellite security research, orbital asset assessment, and adversary simulation. It unifies traditional command-and-control workflows with orbital mechanics, RF analysis, and space protocol research in a controlled, auditable environment.
Research Status: Alpha (active development). Interfaces, modules, and internal behavior are subject to change.
- Modular offensive capability engine for controlled red team simulation
- Orbital asset intelligence with real-time SGP4 propagation and pass prediction
- Satellite-aware mission planning aligned to visibility windows and link constraints
- RF and space protocol analysis tooling (non-transmitting by default)
- Deterministic C2 tasking with structured evidence capture
- Asynchronous ASGI runtime
- JWT authentication with RBAC
- SQLite (development) or PostgreSQL (production)
- Rate limiting, input validation, and audit logging
- React 18 with Vite build pipeline
- Typed state hooks for C2, mission, and telemetry state
- WebSocket-based real-time updates
git clone <repository-url>
cd spectre-c2cd backend
python -m venv venv
# Windows
venv\Scripts\activate
# Linux/macOS
source venv/bin/activate
pip install -r requirements.txt# Create database schema
python init_db.py
# Create admin user (username: admin, password: admin123)
python create_test_admin.py
# Apply performance indexes
python add_indexes.pycd ..
npm install
npm run buildTerminal 1 – Backend
cd backend
venv\Scripts\activate # or source venv/bin/activate on Linux/macOS
uvicorn backend:app --reload --port 8000Terminal 2 – Frontend
npm run dev- Frontend: http://localhost:3000
- Backend API: http://localhost:8000
- API Documentation: http://localhost:8000/docs
Username: admin
Password: admin123
IMPORTANT: Change default credentials immediately in production or shared environments.
Create a .env file in the backend/ directory:
# Database (optional - defaults to SQLite)
DATABASE_URL=sqlite:///./spectre.db
# JWT Security (REQUIRED for production)
JWT_SECRET_KEY=your-secret-key-minimum-32-characters
# External API Keys (optional)
CELESTRAK_API_KEY=your-key
SPACETRACK_USERNAME=your-username
SPACETRACK_PASSWORD=your-password
N2YO_API_KEY=your-key
# Performance Tuning
CACHE_ENABLED=true
CACHE_TTL_SECONDS=300
DATABASE_POOL_SIZE=20
DATABASE_MAX_OVERFLOW=40The backend exposes a fully documented REST API.
- OpenAPI / Swagger UI: http://localhost:8000/docs
- Health Check: http://localhost:8000/health
- Detailed Health: http://localhost:8000/health/detailed
- Navigate to http://localhost:3000
- Enter credentials:
admin/admin123initial setup creds - System authenticates and loads the operator session
- Navigate to Offensive > Modules
- Filter by category (Recon, Exploitation, Post-Ex, Persistence)
- Insert module commands into the terminal
- Execute against the active C2 agent within scope
- Navigate to Intel > Orbital
- Load satellites from the database
- Select a satellite for detailed telemetry
- Use Satellite > Timeline for pass predictions
- Navigate to Satellite > Missions
- Create a new mission
- Select target satellite and objectives
- Review calculated execution windows
- Navigate to Intel > Vault
- Review automatically collected artifacts
- Filter by credentials, screenshots, or files
- Export evidence for reporting
This platform is intended solely for authorized security research, adversary simulation, and educational use. Unauthorized access, RF transmission, or interference with operational satellite systems is prohibited.
Research only usage. Commercial deployment or redistribution without explicit authorization is prohibited.