All Projects → loseys → Blackmamba

loseys / Blackmamba

Licence: mit
C2/post-exploitation framework

Programming Languages

python
139335 projects - #7 most used programming language
python3
1442 projects

Projects that are alternatives of or similar to Blackmamba

Bifrost
Bifrost C2. Open-source post-exploitation using Discord API
Stars: ✭ 37 (-93.2%)
Mutual labels:  post-exploitation, pentest, offensive-security, red-team, pentest-tool
Cloakify
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+108.82%)
Mutual labels:  security-tools, pentest, pentest-tool, red-team
Dumpsterfire
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+42.46%)
Mutual labels:  security-tools, pentest, pentest-tool, red-team
Packetwhisper
PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-25.55%)
Mutual labels:  security-tools, pentest-tool, red-team
Habu
Hacking Toolkit
Stars: ✭ 635 (+16.73%)
Mutual labels:  security-tools, pentest, pentest-tool
Catnip
Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux
Stars: ✭ 108 (-80.15%)
Mutual labels:  security-tools, pentest, pentest-tool
Airmaster
Use ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-72.43%)
Mutual labels:  security-tools, pentest-tool, red-team
Jwtxploiter
A tool to test security of json web token
Stars: ✭ 130 (-76.1%)
Mutual labels:  security-tools, pentest, pentest-tool
Oblivion
Data leak checker & OSINT Tool
Stars: ✭ 237 (-56.43%)
Mutual labels:  security-tools, pentest, pyqt5
LAZYPARIAH
A tool for generating reverse shell payloads on the fly.
Stars: ✭ 121 (-77.76%)
Mutual labels:  pentest, red-team, pentest-tool
ligolo-ng
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Stars: ✭ 418 (-23.16%)
Mutual labels:  post-exploitation, offensive-security, pentest-tool
Punk.py
unix SSH post-exploitation 1337 tool
Stars: ✭ 107 (-80.33%)
Mutual labels:  pentest-tool, post-exploitation, offensive-security
Sippts
Set of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-78.68%)
Mutual labels:  security-tools, pentest, pentest-tool
Fudgec2
FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Stars: ✭ 191 (-64.89%)
Mutual labels:  security-tools, post-exploitation, offensive-security
Black Hat Rust
Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (-39.15%)
Mutual labels:  pentest, red-team, offensive-security
Bigbountyrecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (-0.55%)
Mutual labels:  pentest-tool, red-team, offensive-security
Aiodnsbrute
Python 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (-31.99%)
Mutual labels:  security-tools, red-team
Open Redirect Payloads
Open Redirect Payloads
Stars: ✭ 361 (-33.64%)
Mutual labels:  pentest, pentest-tool
Envizon
network visualization & vulnerability management/reporting
Stars: ✭ 382 (-29.78%)
Mutual labels:  security-tools, pentest-tool
Webshell Sniper
🔨 Manage your website via terminal
Stars: ✭ 359 (-34.01%)
Mutual labels:  security-tools, pentest

ST

BLACKMAMBA

platforms version Python 3.8.6 Release license

BlackMamba is a multi-client C2/post-exploitation framework with some spyware features. It is powered by Python 3.8.6 and QT Framework.

Some of BlackMamba features are:

  • Multi-Client - Supports multiple client connections at the same time.
  • Real-Time Communication Updates - Real-time communication and updates between the client and server.
  • Encrypted Communication - Almost all communications are encrypted, except for screen video streaming.
  • Screenshot Gathering - Get a real-time screenshot from the client.
  • Video Streaming - Watch in real-time the client screen.
  • Client Lock - Lock and unlock the machine of the client.
  • Encrypted File Transfer (upload/download) - Download files from the client or uploads files for the client.
  • Keylogger - Register all the keys pressed by the client.
  • Web Downloader - Download files from URLs or content by RAW pages.

ST

ST

ST

ST

ST

ST

Install Guide

SERVER INSTALL

1º - Download the BlackMamba;

2º - Install the PIP packages;

 pip install -r requirements.txt
 
 PyQt5
 Pillow
 PyAutoGUI
 pytest-shutil
 cryptography
 pynput
 pygame

3º - Open the port 65000 and 65005 in your Gateway or Router (the port number is optional);

4º - Create an exception in the firewall for BlackMamba or disable it;

5ª - Go to "BlackMamba/bin/profile/socket.txt" and input the port number opened;

 SERVER_IP=0.0.0.0
 PORT=65000
 PORT_VIDEO=65005

 IMPORTANT: Do not change the 0.0.0.0.

6º (OPTIONAL) - Go to the BlackMamba folder and open the "keygen.py" file. Copy the resulting key and paste in the "BlackMamba/bin/profile/crypt_key.py" ;

The BlackMamba uses a default cryptography key. It is interesting that you change it.

7º - Back to BlackMamba root folder and open the "main.py" file;

WINDOWS
python main.py

GNU/LINUX
sudo chmod 777 main.py
sudo python3.8 main.py

    KALI LINUX
    (sudo chmod 777 main.py)
    (sudo python3 main.py)

8º - Click on the button that has a person icon and plus signal;

9º - Input the path where the Python file will be created, input both port numbers and the IP address (external or local) of your host, then click on the "Create" button.

CLIENT INSTALL

After creating the Client script, you'll need to open the script in the host target:

WINDOWS

python script.py

GNU/LINUX

1º Download the packages:

scrot -y
python3-pip -y
python3-tk -y
python3-dev -y

2º sudo python3.8 script.py

KALI LINUX
(sudo python3 script.py)

IMPORTANT: The script of the client does not have persistence. If you want to do persistence, you'll need to make it by yourself. Another important point is that the client script maybe delay some seconds or few minutes for connect/reconnect.

Release status

Currently the BlackMamba is on beta stage, this means that the features are all completed but likely to contain a number of known and unknown bugs. It is important to reinforce that most critical bugs like crashes or buffer overflow have already been solved.

More information

For more information, please take a look at the Wiki.

Call for Contributions

I'm just one person developing the BlackMamba. If anyone finds this tool useful and wants to add some functionality, improve the code performance or improve something in the BlackMamba, the best way to get it added is to submit a pull request.

If you want to collaborate but you don't know Python, you can help me so much with bug reports. You can do it by submitting Issues you encounter :)

Author

Gustavo (Loseys)

Acknowledgments, Contributors & Involuntary Contributors

(In no particular order)

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].