rustyvnc

RustyVNC is a remote desktop control tool built for authorized red team security testing. It lets a security operator view and interact with a Windows desktop from a browser, without sitting in front of that machine. The project is split into two pieces: a Windows client written in Rust, and a relay server written in Go that the operator runs on their own machine.

The Windows client runs on the target machine in an active user session. It captures the desktop as a series of JPEG images, encodes them, and sends them to the relay server over an encrypted connection. It also listens for mouse clicks, keyboard input, and application launch commands that come back from the operator. The client requires a real logged-in desktop session and will not work in the background system session (Session 0), which would only produce blank frames anyway.

The relay server sits in the middle. It receives frames from the Windows client and fans them out to the browser viewer that the operator opens. When the operator clicks or types in the browser, those actions travel back through the server to the Windows client, which then replays them on the remote desktop. All traffic between the components stays encrypted: the server is HTTPS-only and the WebSocket connection uses WSS. If no certificate is provided, the server generates a temporary self-signed one for that run.

The browser viewer is built into the same Go server, so the operator just opens the HTTPS address in any browser to get a live view of the remote desktop. The first version supports one connected client at a time to keep the session logic simple.

The project README notes that RustyVNC is intended for authorized research and defense analyst purposes. It is not a general-purpose remote desktop tool and is specifically designed for penetration testing scenarios where an operator has permission to interact with the target system.