Villain
Very important constructive suggestions
First, when I was testing the payload constructed for Linux's Python3, my processes and traffic features were all detected.

Even the commands I executed were all detected.
Secondly, the command executed by the attacker in the process will be displayed very obviously.
The administrator is not a fool; it is obvious that they will kill this process.

Finally, I want to give this project some suggestions:
- 1. Encryption for the flow side
- 2. Hidden process information

Although the current version is slightly regrettable, I still sponsor this project and look forward to its update.
@Emmp7y thank you for the constructive suggestions and your support. There is no claim for undetectable payloads currently in Villain. The default templates I've included that are used to generate payloads are mostly classic reverse shell scripts. I've made videos on how to edit and replace the payload templates with obfuscated versions or create new ones. Payloads that are FUD will not last in the -publicly available free and open source- context. They will get flagged within weeks.
Villain's main role is to handle multiple shell sessions of types TCP socket and HoaxShell while sharing them among connected sibling servers. The direction I am currently working on is not towards supplying people with undetectable payloads but towards providing a stable and flexible platform for others to build upon.
Lastly, calling this version "regrettable" is not inspiring at all, but I sincerely thank you for your insights and suggestions; I will definitely take them into consideration.
> @Emmp7y thank you for the constructive suggestions and your support. There is no claim for undetectable payloads currently in Villain. The default templates I've included that are used to generate payloads are mostly classic reverse shell scripts. I've made videos on how to edit and replace the payload templates with obfuscated versions or create new ones. Payloads that are FUD will not last in the -publicly available free and open source- context. They will get flagged within weeks.
> Villain's main role is to handle multiple shell sessions of types TCP socket and HoaxShell while sharing them among connected sibling servers. The direction I am currently working on is not towards supplying people with undetectable payloads but towards providing a stable and flexible platform for others to build upon.
> Lastly, calling this version "regrettable" is not inspiring at all, but I sincerely thank you for your insights and suggestions; I will definitely take them into consideration.

Sorry, the word "regrettable" was translated by Google; I don't know what the actual meaning is.
Regarding the behavior of feature detection, I used the Go program to compile and run some detection of EDR completely.

And questions about its stability:

My understanding is that when it started, it was similar to the NC monitoring.
However, there will be some space surveying and mapping. When other network port scan and detection behavior occurs, a non-normal client will go online.
My suggestion: you can judge whether to go online by generating a specified parameter request.
Sorry, English is not my mother tongue. Everything comes from Google Translation.
> @Emmp7y thank you for the constructive suggestions and your support. There is no claim for undetectable payloads currently in Villain. The default templates I've included that are used to generate payloads are mostly classic reverse shell scripts. I've made videos on how to edit and replace the payload templates with obfuscated versions or create new ones. Payloads that are FUD will not last in the -publicly available free and open source- context. They will get flagged within weeks.
> Villain's main role is to handle multiple shell sessions of types TCP socket and HoaxShell while sharing them among connected sibling servers. The direction I am currently working on is not towards supplying people with undetectable payloads but towards providing a stable and flexible platform for others to build upon.
> Lastly, calling this version "regrettable" is not inspiring at all, but I sincerely thank you for your insights and suggestions; I will definitely take them into consideration.

Um, this GitHub account is my other account, lol.