0x09AL / Go Deliver
Licence: apache-2.0
Go-deliver is a payload delivery tool coded in Go.
Stars: ✭ 103
Programming Languages
go
31211 projects - #10 most used programming language
Projects that are alternatives of or similar to Go Deliver
Red Teaming Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+5351.46%)
Mutual labels: pentesting, red-team
Dumpsterfire
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+652.43%)
Mutual labels: pentesting, red-team
Bigbountyrecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+425.24%)
Mutual labels: pentesting, red-team
Ehtools
Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.
Stars: ✭ 422 (+309.71%)
Mutual labels: pentesting, payload
Cloakify
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+1002.91%)
Mutual labels: pentesting, red-team
Dref
DNS Rebinding Exploitation Framework
Stars: ✭ 423 (+310.68%)
Mutual labels: pentesting, red-team
Aiodnsbrute
Python 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+259.22%)
Mutual labels: pentesting, red-team
Sleight
Empire HTTP(S) C2 redirector setup script
Stars: ✭ 44 (-57.28%)
Mutual labels: pentesting, red-team
Sessiongopher
SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
Stars: ✭ 833 (+708.74%)
Mutual labels: pentesting, red-team
Packetwhisper
PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (+293.2%)
Mutual labels: pentesting, red-team
Gitjacker
🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+1112.62%)
Mutual labels: pentesting, red-team
Raasnet
Open-Source Ransomware As A Service for Linux, MacOS and Windows
Stars: ✭ 371 (+260.19%)
Mutual labels: pentesting, payload
Covertutils
A framework for Backdoor development!
Stars: ✭ 424 (+311.65%)
Mutual labels: pentesting, payload
Infosec reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+3940.78%)
Mutual labels: pentesting, red-team
Platypus
🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (+442.72%)
Mutual labels: pentesting, red-team
Gray hat csharp code
This repository contains full code examples from the book Gray Hat C#
Stars: ✭ 301 (+192.23%)
Mutual labels: pentesting, payload
Black Hat Rust
Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (+221.36%)
Mutual labels: pentesting, red-team
Pupy
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+6440.78%)
Mutual labels: pentesting, payload
Netmap.js
Fast browser-based network discovery module
Stars: ✭ 70 (-32.04%)
Mutual labels: pentesting, red-team
go-deliver
Go-deliver is a payload delivery tool coded in Go. This is the first version and other features will be added in the future.
Installation
Compile from source:
- Clone this repository.
- Install the required dependecies.
- Compile and run.
Dependecies
- https://github.com/chzyer/readline
- https://github.com/gorilla/mux
- https://github.com/mattn/go-sqlite3
- https://github.com/olekukonko/tablewriter
- http://gopkg.in/gcfg.v1
Configuration
Currently go-deliver supports only http and https server for payload delivery. More server types will be added later.
To change the port of the http server you can modify the config.conf.
Sample configuration :
[http]
enable = true
port = 8888
template404 = templates/404.html
[https]
enable = false
port = 8443
template404 = templates/404.html
publickey = certs/server.pem
privatekey = certs/server.key
Usage
The main logic behind go-deliver is to deliver different type of payloads to specific IP/Subnet address or block access for specific IP/Subnet.
Currently you have two types of objects in go-deliver.
- Payload - Used to define an object to deliver.
- Host - Used to define an object to combine with Payload object.
Payload object commands
- Add - Add a new payload to database.
- Delete - Delete a payload from the database.
- List - List all the payloads on the database.
Payload types
mshta regsrv32 powershell javascript html text exe
Payload Options
- Id - ID of the payload on the database. (Unchangeable)
- Name - Name of the payload.
- Content Type - Content Type that will be sent as a header.
- Host Blacklist - The name of a Host object to be used as a blacklist.
- Host Whitelist - The name of a Host object to be used as a whitelist.
- Data File - Location of a file to be delivered.
- Data B64 - B64 encoded data to be delivered.
- Ptype - Payload type.
- Guid - Unique identifier for every payload.
Note : If no whitelist or blacklist is specified the payload will get delivered to anyone with the correct URL.
Host object commands
- Add - Add a new host object to the database.
- Delete - Delete a host object from the database.
- List - List all the host objects on the database.
Host options
- Id - ID of the host object on the database. (Unchangeable)
- Name - Name of the host object.
- Htype - Host object type. It can be
IPorSubnet
TODO
- Add more types of servers.
- Add templates and the ability to generate payloads.
- Add one-liner for every payload type.
Suggestions ???
Screenshots
Payload Creation
Payload List
Payload Deliver
Host Creation
Payload with Black List
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].