Pupy a Killer RAT
Pupy is an open source Remote Administration Tool with an embedded Python interpreter. It is cross-platform and can load Python packages from memory and access Python objects. On Windows it uses reflective DLL injection, leaving no traces on the disk. Because of this, malware scanners that inspect files on disk have difficulty detecting it, as it doesn't touch the disk, much like the Meterpreter reverse shell.
- On Windows, the Pupy payload is compiled as a reflective DLL and the whole Python interpreter is loaded from memory. It does not touch the disk.
- It can reflectively migrate into other processes
- Pupy can remotely import, from memory, pure Python packages (.py, .pyc) and compiled Python C extensions (.pyd).
- Modules are quite simple to write and Pupy is easily extensible.
- A lot of awesome modules are already implemented!
- It uses rpyc, and a module can directly access Python objects on the remote client
- Communication transports are modular and it can communicate using obfsproxy pluggable transports
- All the non-interactive modules can be dispatched on multiple hosts in one command
- Multi-platform (tested on Windows 7, Windows XP, Kali Linux, Ubuntu, OS X)
- Modules can be executed as background jobs and their output can be retrieved later
- Commands and scripts running on remote hosts are interruptible
- Auto-completion for commands and arguments
- Nice colored output
- Command aliases can be defined in the config