LDAPFragger – Command And Control Tool That Enables Attackers To Route Cobalt Strike Beacon Data Over LDAP

LDAPFragger is a Command and Control tool that enables attackers to route Cobalt Strike beacon data over LDAP using user attributes. For background information, read the release blog: http://blog.fox-it.com/2020/03/19/ldapfragger-command-and-control-over-ldap-attributes Dependencies and installation Compiled with .NET 4.0, but may work with older and newer .NET frameworks as well Usage Active Directory domain –ldaps: Use LDAPS insteadRead More

Nanobrok – Web Service For Control And Protect Your Android Device Remotely

Web Service write in Python for control and protect your android device remotely.  The official app can be found on the PlayStore: NanobrokPro Nanobrok Community Overview Nanobrok-Server is powerful opensource webservice for control and protect your android device, written in Python, that allow and offer a stable and security connection with your android device forRead More

Covert-Control – Google Drive, OneDrive And Youtube As Covert-Channels – Control Systems Remotely By Uploading Files To Google Drive, OneDrive, Youtube Or Telegram

Control systems remotely by uploading files to Google Drive, OneDrive, Youtube or Telegram using Python to create the files and the listeners. It allows to create text files, images, audio or videos, with the commands in cleartext or encrypted using AES. covert-googledrive.py – Control systems uploading files to a public folder in Google Drive. covert-onedrive.pyRead More

GC2 – A Command And Control Application That Allows An Attacker To Execute Commands On The Target Machine Using Google Sheet And Exfiltrate Data Using Google Drive

GC2 (Google Command and Control) is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrates data using Google Drive. Why This program has been developed in order to provide a command and control that does not require any particular set up (like: aRead More

Covert-Tube – Youtube As Covert-Channel – Control Systems Remotely And Execute Commands By Uploading Videos To Youtube

A program to control systems remotely by uploading videos to Youtube using Python to create the videos and the listener, emulating some malware I was reading about. It allows to create videos with frames formed of simple text, QR codes with cleartext or QR codes using AES encryption. Create a video The videos can beRead More

403Bypasser – Automates The Techniques Used To Circumvent Access Control Restrictions On Target Pages

403bypasser automates the techniques used to circumvent access control restrictions on target pages. 403bypasser will continue to be improved and it is open to contributions. Installation Clone the repository to your machine. git clone https://github.com/yunemse48/403bypasser.git Install required modules by running the code pip install -r requirements.txt READY! Usage Arguments: Argument Description Examples Note -u singleRead More

Link – A Command And Control Framework Written In Rust

link is a command and control framework written in rust. Currently in beta. Introduction link provides MacOS, Linux and Windows implants which may lack the necessary evasive tradecraft provided by other more mature command and control frameworks. Tested on Linux only. Features Hopefully this list expands for humans to actually want to use this: HTTPSRead More

Kubesploit – A Cross-Platform Post-Exploitation HTTP/2 Command And Control Server And Agent Written In Golang

Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl (@Ne0nd0g). Our Motivation While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities inRead More

RAT-el – An Open Source Penetration Test Tool That Allows You To Take Control Of A Windows Machine

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software. Please do not upload to virustotalRead More

Arbitrium-RAT – A Cross-Platform, Fully Undetectable Remote Access Trojan, To Control Android, Windows And Linux

Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows and Linux and doesn’t require any firewall exceptions or port forwarding. It gives access to the local networks, you can use the targets as a HTTP proxy and access Router, discover local IPs and scanRead More