Create implants that can employ various sandbox detection methods, experimental hardware disruptors and active evasion techniques (such as empty buffer alocation, memory jumping, execution delay and self-removal). Read more about latest functionalities in v.2.0 introductory article.
All of the traffic between C2 server and the implant is TLS compliant. Self-signed certificates are created during each execution, and are embedded in the implant as variables before the compilation phase.
Implants compiled with enabled tunneling can communicate with a server that listens on a separate network segment. Send instructions to selected endpoints worldwide and receive output in real time.
Grab keystrokes, extract sensitive data, scan ports and dump passwords using intuitive CLI with tab-completion and suggestions.
If you have any questions regarding this tool or something does not work as expected, we are here to help.