Trojan Command and Control (C2) Framework uses a Github account to control, update, and receive data from your implants while remaining stealthy.
How to • Modules • Config • Data • Important! • Credits
First, because your traffic to GitHub will be encrypted over SSL. Several entreprises already use Github for their own work, so your traffic can be completely invisible to their blue teams. In addition, you can use Python's native library import to deploy new functionality on your trojans - this means you can automatically update your implants, and any dependant libraries, directly from your repo.
- Create a private repository.
- Create a personal access token (PAT), instructions here
- Add the token's filename to the .gitignore file.
- Tweak the functionality of your trojan using the modules and config folders.
- Compile the trojan to run in the victim's OS.
- Send it and enjoy!
Optional: Add functionality by modifying the Modules and Config folders.
💪 The muscles of your Trojans.💪
| Module | Functionality |
|---|---|
| Dirlister | Retrieves a list of folders & files in the target's current directory |
| Environment | Retrieves a list of the target's environmental variables. |
| Windows Key Logger | Prints out PID, process name, window name and keystrokes of target. |
| Screenshooter | Takes a screenshot of target's desktop. |
| Shellcode | Connects to your remote web server and executes your shellcode directly into the target's memory. |
| Windows Sandbox Detection | Bypasses common AV sandboxing techniques by monitoring the target's machine. |
- To expand functionality and update your trojan remotely, write the necesary code in this folder.
- Recommended usage:
Each module you add should expose a
run(**args)function that takes a variable number of arguments. This enables to load each module in the same fashion, but also allows you to customize the configuration files to pass different arguments to the modules.
Tip: To assess your modules, push them to GitHub and enable them in a configuration file fror your local testing version of the Trojan.
🧠 The brains of your Trojans. 🧠
This is where you tell each trojan which actions to perform and the modules required to do so:
- Add a new JSON file following the structure of
test.json. - Name the file with a unique ID depending on its functionality.
- Modify the
horsy.pyfile by removing the filename 'test' and add the name of your file.
- Each trojan should also have a unique ID. This helps when sorting retrieved data based on the ID and provides modular control of your trojans.
- Data path where the trojan will write its output files directly.
.gitignore This file should have the filename of your PAT(personal access token). Give the token read and write permissions. Beware that is you forget to do this step, you will end up posting your token to your repository.
Tip: Create several different tokens for different trojans so you can control what each trojan can access in your repository. That way, if victims catch your trojan, they can’t come along and delete all of your retrieved data.
This repo was created while reading the amazing book: Black Hat Python 2 by Justin Seitz and Tim Arnold.
Writers and contributors take NO responsibility and/or liability for how you choose to use any of the source code available here. By using any of the files available in this repository, you understand that you are AGREEING TO USE AT YOUR OWN RISK. Once again, ALL files available here are for EDUCATION and/or RESEARCH purposes ONLY.
The code is licensed under the MIT License.