Sunday, December 11, 2016

Caspers.py FUD Python Botnet




CasperS.py - Botnet Console
Botnet shell like Meterpreter in Metasploit

Botnet Panel


Current features (updated on 02-25-2017):

  • Builder (added on 02-25-2017)
  • Panel (added on 02-25-2017)
  • Video demo (will be added soon)
  • Bot shell Meterpreter (added on 02-25-2017)
  • Remote cmd.exe shell
  • Persistence (AV or system utilities cannot remove it)
  • File upload/download
  • Screenshot
  • Keylogger

The most interesting part is...


It will be fully undetectable forever


Because Python is a scripting language based on the Python interpreter, it offers an advantage to a malware coder like me: it provides a layer of abstraction that AV has no idea how to interpret.

For example, a common AV bypass technique is to package malicious Python scripts into an executable. AV has a hard time distinguishing the resulting binary as malicious or legitimate because the Python interpreter itself has plenty of legitimate uses.
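A packaged Python executable still carries structure that a defender can test for. The following is an added example, not code from the original post or from CasperS.py: it assumes the packager is PyInstaller (the post does not name one) and checks a file's bytes for PyInstaller's CArchive trailer; the sample bytes and function names are constructed for illustration.

```python
import struct

# PyInstaller appends a CArchive to its bootloader stub; the archive ends with
# a cookie: magic, package length, TOC offset, TOC length, Python version,
# Python library name (layout used by PyInstaller 2.1 and later).
MAGIC = b"MEI\x0c\x0b\x0a\x0b\x0e"
COOKIE = struct.Struct("!8sIIII64s")


def find_pyinstaller_archive(data):
    """Return CArchive metadata if data holds a plausible cookie, else None."""
    pos = data.rfind(MAGIC)
    while pos != -1:
        if pos + COOKIE.size <= len(data):
            _, pkg_len, toc_off, toc_len, pyver, lib = COOKIE.unpack_from(data, pos)
            start = pos + COOKIE.size - pkg_len  # where the archive begins
            # Reject stray magic bytes: the lengths must describe a real archive.
            if (pkg_len >= COOKIE.size and start >= 0
                    and toc_off + toc_len <= pkg_len - COOKIE.size):
                major, minor = divmod(pyver, 100 if pyver >= 100 else 10)
                return {
                    "archive_offset": start,
                    "toc_offset": start + toc_off,
                    "toc_length": toc_len,
                    "python_version": f"{major}.{minor}",
                    "python_lib": lib.rstrip(b"\0").decode("ascii", "replace"),
                }
        pos = data.rfind(MAGIC, 0, pos)  # try an earlier occurrence
    return None


def build_sample():
    """Constructed bytes shaped like a bundle: fake stub, payload, TOC, cookie."""
    stub = b"MZ" + b"\0" * 62
    payload, toc = b"P" * 32, b"T" * 16
    pkg_len = len(payload) + len(toc) + COOKIE.size
    cookie = COOKIE.pack(MAGIC, pkg_len, len(payload), len(toc), 27, b"python27.dll")
    return stub + payload + toc + cookie


if __name__ == "__main__":
    print(find_pyinstaller_archive(build_sample()))
    print(find_pyinstaller_archive(b"MZ" + MAGIC + b"\0" * 100))  # stray magic
```

A match only establishes that the file is a PyInstaller bundle; whether the embedded scripts are malicious still has to be judged from the extracted contents or from runtime behaviour.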

So CasperSpy in Python offers a distinct advantage in this scenario due to its tight integration with the Windows OS and because it is based upon the Python library.

With such powerful module payloads, there is no need to drop files on disk. Everything, with the possible exception of the script itself, runs entirely memory-resident.

Java-based RATs use the same method to prevent AV detection, but I heard that in the latest Java this method does not work anymore; some security researchers at Oracle have updated their security in Java 8.

Download

I will release it soon; make sure to bookmark my blog and follow my Twitter @casperspy to get notified!