Hey, guys (and gals)!
Long time no see. I 've been working hard on several projects and stuff lately so I was just an observer all that time.
Observing this page and several projects starting on github, I was really impressed with how many backdoor projects are being created.
I remember reading about the “stelf shell” (https://0x00sec.org/t/how-to-get-a-super-stelfy-shell-that-av-doesnt-pick-up) the other day, and I was surprised on how many features this guy got to code from scratch. I felt a bit sorry for the time he spent coding actually, as I felt sorry for myself when writing the “Pozzo & Lucky Shell” (https://securosophy.com/2016/09/19/pozzo-lucky-stego-in-tcpip-part-2/).
Generally re-implementing backdoor related stuff has been a part of my life…
I came up with something really nice, this time though…
So I came up with an idea to create a package that contains all bits and parts of a backdoor (both agent and handler tools)
Meet the covertutils package!
Been working several months on this. And finally I am quite ready to show you!
Here it is then:
You can find the latest documentation on Read The Docs :
And, of course, Programming Examples : http://covertutils.readthedocs.io/en/latest/prog_examples.html
Let’s finally create a polymorphic enough standard!
My focus was to make all network traffic not only encrypted, but unique, rendering impossible the network signatures.
Also oriented the whole project, not towards the standard reverse TCP/HTTP stuff, but made it Network Agnostic, making possible any creative Communication Channel.
No external dependencies
A battle I so far win! I am keeping this package dependency-less. Yet any project that uses this package can have all kinds of deps.
I chose dependency free design to ensure Python Freeze software will work flawlessly!
Github Issues always welcome
I have never used this package as a client/developer, except for writing tests and coding examples.
I am sure there are some bugs lurking around.
If you find one, don’t kill it alone. Bring company - you know what to do…
How would I not publish on PyPI?
pip install covertutils and you are ready to roll!
Please share what you create!
If it is a new meterpreter alternative or a simple
stage (oh it supports dynamic module loading: http://covertutils.readthedocs.io/en/latest/stage_api.html), please post it somewhere. I 'm really curious to see my baby in good use!