- Joined
- Aug 19, 2023
- Messages
- 911
- Reaction score
- 40,833
- Points
- 93
- Thread Author
- #1
Pupy is a cross-platform, multi function RAT and post-exploitation tool mainly written in python. It features an all-in-memory execution guideline and leaves a very low footprint. Pupy can communicate using multiple transports, migrate into processes using reflective injection, and load remote python code, python packages and python C-extensions from memory.
Windows payload can load the entire Python interpreter from memory using a reflective DLL.
Pupy does not touch the disk.
Can be packed into a single .py file and run without any dependencies other than the python standard library on all OSes.
PyCrypto gets replaced by pure Python A-E-S & R-S-A implementations when unavailable.
Reflectively migrate into other processes.
Remotely import pure python packages (.py, .pyc) and compiled python C extensions (.pyd, .so) from memory.
Imported python modules do not touch the disk.
Easily extensible, modules are simple to write and are sorted by os and category.
Modules can directly access python objects on the remote client using rypc
Access remote objects interactively from the pupy shell and get auto-completion of remote attributes.
Communication transports are modular and stackable. Exfiltrate data using H-T-T-P over H-T-T-P over A-E-S over X-O-R, or any combination of the available transports.
Communicate using obfsproxy
Execute noninteractive commands on multiple hosts at once.
Commands and scripts running on remote hosts are interruptible.
Auto-completion for commands and arguments.
Custom config can be defined: command aliases, modules. automatically run at connection, etc.
Open interactive python shells with auto-completion on the all-in-memory remote python interpreter.
Interactive shells (cmd.exe, /bin/bash, etc) can be opened remotely.
Remote shells on Unix & Windows clients have a real tty with all keyboard signals working just like an S-S-H shell.
Execute PE executable remotely and from memory.
Generate payloads in various formats:
Deploy in memory from a single command line using python or PowerShell one-liners.
Embed "scriptlets" in generated payloads to perform some tasks "offline" without needing network connectivity (ex: start keylogger, add persistence, execute custom python script, check_vm, etc.)
Multiple Target Platforms
Virustotal link https://www.virustotal.com/gui/file/e9513aafb9c5eed3711ea3e45aa25a30e11c91afbaf2dc7dcc7b014646397acf
Features:
Windows payload can load the entire Python interpreter from memory using a reflective DLL.
Pupy does not touch the disk.
Can be packed into a single .py file and run without any dependencies other than the python standard library on all OSes.
PyCrypto gets replaced by pure Python A-E-S & R-S-A implementations when unavailable.
Reflectively migrate into other processes.
Remotely import pure python packages (.py, .pyc) and compiled python C extensions (.pyd, .so) from memory.
Imported python modules do not touch the disk.
Easily extensible, modules are simple to write and are sorted by os and category.
Modules can directly access python objects on the remote client using rypc
Access remote objects interactively from the pupy shell and get auto-completion of remote attributes.
Communication transports are modular and stackable. Exfiltrate data using H-T-T-P over H-T-T-P over A-E-S over X-O-R, or any combination of the available transports.
Communicate using obfsproxy
Execute noninteractive commands on multiple hosts at once.
Commands and scripts running on remote hosts are interruptible.
Auto-completion for commands and arguments.
Custom config can be defined: command aliases, modules. automatically run at connection, etc.
Open interactive python shells with auto-completion on the all-in-memory remote python interpreter.
Interactive shells (cmd.exe, /bin/bash, etc) can be opened remotely.
Remote shells on Unix & Windows clients have a real tty with all keyboard signals working just like an S-S-H shell.
Execute PE executable remotely and from memory.
Generate payloads in various formats:
Deploy in memory from a single command line using python or PowerShell one-liners.
Embed "scriptlets" in generated payloads to perform some tasks "offline" without needing network connectivity (ex: start keylogger, add persistence, execute custom python script, check_vm, etc.)
Multiple Target Platforms
Download :
To see this hidden content, you must reply and react with one of the following reactions : Like, Love, Wow