Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Improvements:
bannergrab
plugin: scan internal ports & grab TCP banners (8f3af803979ec0990d140304e677375a78459a11)cloudcredgrab
plugin: cloud credentials hunter/grabber (45f516b0f83f663ef3fc69a89e55740373b3dcb4)proclist
: show process list on windows without command execution (71a3b231a71a5441cb8df9e4a13d278721093273)pygments
depencency to newest version (5d3f4c57c1c53ff36f5f8e1962b51206ff716903)CI & Tests:
Special thanks to @paralax for
bannergrab
,cloudcredgrab
&proclist
plugins !
Implemented enhancements:
CMD
when calling help CMD ARG
#70
help set \<VAR\>
: display buffer type description #67
set
should inform user that help set \<VAR\>
is available #62
alias \<VAR\> None
misses verbosity #59
help set \<SETTING\>
autocompletion #56
exploited
context #53
./deps/
folder is archaic #41
Fixed bugs:
suidroot
plugin makes invalid assumptions #105
lrun
command always returns 0 #83
corectl display-http-requests
: invalid log on POST method #65
alias
can override existing command #60
isolate\_readline\_context\(\)
don't isolates readline history #54
Closed issues:
corectl display-http-requests
not working when PROXY is set #135
help \<PLUGIN\>
lacks plugin informations #85
missing dependency
warnings at start #80