All Projects → n1nj4sec → Pupy

n1nj4sec / Pupy

Licence: other
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

Programming Languages

python
139335 projects - #7 most used programming language
c
50402 projects - #5 most used programming language
C++
36643 projects - #6 most used programming language
go
31211 projects - #10 most used programming language
Makefile
30231 projects
C#
18002 projects

Projects that are alternatives of or similar to Pupy

trolo
trolo - an easy to use script for generating Payloads that bypasses antivirus
Stars: ✭ 45 (-99.33%)
Mutual labels:  reverse-shell, rat, remote-access, payload, meterpreter
Thoron
Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-98.71%)
Mutual labels:  pentesting, backdoor, rat, post-exploitation, reverse-shell
Evilosx
An evil RAT (Remote Administration Tool) for macOS / OS X.
Stars: ✭ 1,826 (-72.9%)
Mutual labels:  pentesting, backdoor, rat, post-exploitation, reverse-shell
ToRat client
This is the ToRat client, a part of the ToRat Project.
Stars: ✭ 29 (-99.57%)
Mutual labels:  reverse-shell, post-exploitation, payload, remote-admin-tool
Ghost
Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.
Stars: ✭ 1,934 (-71.29%)
Mutual labels:  backdoor, rat, post-exploitation, remote-access
Rspet
RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
Stars: ✭ 251 (-96.27%)
Mutual labels:  pentesting, backdoor, post-exploitation, reverse-shell
Covertutils
A framework for Backdoor development!
Stars: ✭ 424 (-93.71%)
Mutual labels:  pentesting, payload, post-exploitation, reverse-shell
Proton
Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.
Stars: ✭ 142 (-97.89%)
Mutual labels:  payload, backdoor, rat, post-exploitation
Torat
ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication
Stars: ✭ 415 (-93.84%)
Mutual labels:  payload, rat, post-exploitation, reverse-shell
YAPS
Yet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-99.48%)
Mutual labels:  backdoor, reverse-shell, rat, pentesting
Betterbackdoor
A backdoor with a multitude of features.
Stars: ✭ 195 (-97.11%)
Mutual labels:  pentesting, backdoor, reverse-shell
ToxicEye
👽 Program for remote control of windows computers via telegram bot. Written in C#
Stars: ✭ 305 (-95.47%)
Mutual labels:  backdoor, rat, payload
MsfMania
Python AV Evasion Tools
Stars: ✭ 388 (-94.24%)
Mutual labels:  backdoor, reverse-shell, meterpreter
Hrshell
HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (-97.14%)
Mutual labels:  pentesting, post-exploitation, reverse-shell
XENA
XENA is the managed remote administration platform for botnet creation & development powered by blockchain and machine learning. Aiming to provide an ecosystem which serves the bot herders. Favoring secrecy and resiliency over performance. It's micro-service oriented allowing for specialization and lower footprint. Join the community of the ulti…
Stars: ✭ 127 (-98.11%)
Mutual labels:  post-exploitation, remote-access, remote-admin-tool
reverse-ssh
Statically-linked ssh server with reverse shell functionality for CTFs and such
Stars: ✭ 548 (-91.87%)
Mutual labels:  backdoor, reverse-shell, remote-admin-tool
Hercules
HERCULES is a special payload generator that can bypass antivirus softwares.
Stars: ✭ 526 (-92.19%)
Mutual labels:  payload, reverse-shell, meterpreter
pace
Remote Access Tool for Windows.
Stars: ✭ 68 (-98.99%)
Mutual labels:  rat, remote-access, remote-admin-tool
Thefatrat
Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
Stars: ✭ 5,944 (-11.77%)
Mutual labels:  backdoor, rat, remote-access
Networm
Python network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-98%)
Mutual labels:  pentesting, backdoor, rat

Pupy

Build Status

Installation

Installation instructions are on the wiki, in addition to all other documentation. For maximum compatibility, it is recommended to use Docker Compose.

Refer to the wiki

Description

Pupy is a cross-platform, multi function RAT and post-exploitation tool mainly written in python. It features an all-in-memory execution guideline and leaves a very low footprint. Pupy can communicate using multiple transports, migrate into processes using reflective injection, and load remote python code, python packages and python C-extensions from memory.

Features

  • Windows payload can load the entire Python interpreter from memory using a reflective DLL.

    • Pupy does not touch the disk.
  • Can be packed into a single .py file and run without any dependencies other than the python standard library on all OSes.

    • PyCrypto gets replaced by pure Python AES & RSA implementations when unavailable.
  • Reflectively migrate into other processes.

  • Remotely import pure python packages (.py, .pyc) and compiled python C extensions (.pyd, .so) from memory.

    • Imported python modules do not touch the disk.
  • Easily extensible, modules are simple to write and are sorted by os and category.

  • Modules can directly access python objects on the remote client using rpyc.

  • Access remote objects interactively from the pupy shell and get auto-completion of remote attributes.

  • Communication transports are modular and stackable. Exfiltrate data using HTTP over HTTP over AES over XOR, or any combination of the available transports.

  • Communicate using obfsproxy pluggable transports.

  • Execute noninteractive commands on multiple hosts at once.

  • Commands and scripts running on remote hosts are interruptible.

  • Auto-completion for commands and arguments.

  • Custom config can be defined: command aliases, modules. automatically run at connection, etc.

  • Open interactive python shells with auto-completion on the all-in-memory remote python interpreter.

  • Interactive shells (cmd.exe, /bin/bash, etc) can be opened remotely.

    • Remote shells on Unix & Windows clients have a real tty with all keyboard signals working just like an SSH shell.
  • Execute PE executable remotely and from memory.

  • Generate payloads in various formats:

Format Architecture Short Name
Android Package x86 & ARMv7 apk
Linux Binary x86 lin_x86
Linux Binary x64 lin_x64
Linux Shared Object x86 so_x86
Linux Shared Object x64 so_x64
Windows PE Executable x86 exe_x86
Windows PE Executable x64 exe_x64
Windows DLL x86 dll_x86
Windows DLL x64 dll_x64
Python Script x86 & x64 py
PyInstaller x86 & x64 pyinst
Python Oneliner x86 & x64 py_oneliner
Powershell x86 & x64 ps1
Powershell Oneliner x86 & x64 ps1_oneliner
Ducky Script N/A rubber_ducky
  • Deploy in memory from a single command line using python or powershell one-liners.

  • Embed "scriptlets" in generated payloads to perform some tasks "offline" without needing network connectivity (ex: start keylogger, add persistence, execute custom python script, check_vm, etc.)

  • Multiple Target Platforms:

Platform Support Status
Windows XP Supported
Windows 7 Supported
Windows 8 Supported
Windows 10 Supported
Linux Supported
Mac OSX Limited Support
Android Limited Support

Documentation

All documentation can be found on the wiki.

Refer to the wiki

FAQ

Does the server work on windows?

Pupy has not been tested on Windows. Theoretically, it should work on any platform that supports Docker and Docker Compose. However, you will need to adapt the Docker Compose installation instructions for the Windows platform.

I can't install Pupy. The installation fails.

  1. Please refer to the wiki. It is possible that your answer is there.
  2. Search the Github issues and see if your issue was already solved.
  3. If you issue was not solved, open a new issue following the issue guidelines.

If you do not follow these steps, you issue will be closed.

Android and/or Mac OSX payloads and modules don't work.

Pupy has limited support for Android and OSX. These platforms may not be well maintained and may break intermittently. Some modules (i.e. keylogger) may be missing for these platforms.

Development

If some of you want to participate to pupy development, don't hesitate! All help is greatly appreciated and all pull requests will be reviewed.

Also there is small note about development. Please run flake8 before doing any commits. File with config is here.

Contact

Platform Contact Info
Email [email protected]
Twitter https://twitter.com/n1nj4sec

This project is a personal development, please respect its philosophy and don't use it for evil purposes!

Special thanks

Special thanks to all contributors that help improve pupy and make it a better tool! :)

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].