GitHub - gsociety0/AnonXploit: Windows RAT w/ antivirus bypass.

AnonXploit is a pentesting tool, that create a Powershell RAT. It can be used by organizations of all sizes, including individuals.

It was developed with the purpose of exploiting the vulnerability of creating a reverse shell between the pentester and the injected computer. This tool can work without warnings about viruses and suspicious connections.

📋 Table of Contents

1. 💻 Compatible Operating Systems

💻 Supported Operating Systems

We carried out the tests on systems based on Ubuntu, Debian and Termux. We believe it will also work on other systems, such as Fedora and Arch. The installation instructions are for Ubuntu/Debian and Termux only. If you don't know how to install on other operation system, google it.

🔨 Installation

Installation for Debian/Ubuntu

System Update

sudo apt update

Install Git

sudo apt install -y git

Download the Repository

git clone https://github.com/gsociety0/AnonXploit.git

Install AnonXploit

bash ./install

Installation for Termux

System Update

pkg update
pkg upgrade -y

Install Git

pkg install -y git

Install Python3

pkg install -y python python-pip

Download the Repository

git clone https://github.com/gsociety0/AnonXploit.git

Install AnonXploit

bash ./install

📡 How to Use

To create the RAT you need to run two programs, client.py and server.py. Where the client will automatically create the RAT, and the server will wait for the connection.

client.py

python3 client.py

server.py

python3 server.py

🪝 Social Engineering

(Ethically speaking) You need the other person to perform the RAT, for this, you can use Social Engineering (S.E) techniques. One of the ways that can be used is to convert this file into an Executable (.EXE), name it "picture.png.exe", define an icon of a photograph and send it to the person, making it appear that it is a photograph. Now, you study the situation and act in the best way possible.

☑️ Code Analysis

If you check the source code of the two main files (client.py/server.py) of AnonXploit file, you will notice that the code is obfuscated. This is done for security reasons and compatibility with WSL (Windows Subsystem for Linux), where the antivirus detected the files as viruses and deleted them.

🏛️ RAT Architecture

🔬 Virus Total

install file:

client.py file (91% undetectable):

server.py file:

DON'T UPLOAD THE RAT FILE TO VIRUS TOTAL!

The RAT bypasses Windows Defender antivirus. (Information verified until 1/28/2024)

"Files and URLs sent to VirusTotal will be shared with antivirus vendors and security companies..."

Source: Wikipedia

©️ License

This project is licensed under the GNU Affero General Public License v3.0

✅ Permission:

Patent use;

Commercial use;

Private use;

Distribution;

Modification.

✒️ Conditions:

Same license;

Disclose source;

License and copyright notice;

Network use is distribution;

State changes.

⚠️ Limitations:

Liability;

Warranty.

Name		Name	Last commit message	Last commit date
Latest commit History 29 Commits
.github/ISSUE_TEMPLATE		.github/ISSUE_TEMPLATE
src/img		src/img
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
LICENSE		LICENSE
README.md		README.md
SECURITY.md		SECURITY.md
client.py		client.py
install		install
logo.py		logo.py
server.py		server.py

License

gsociety0/AnonXploit

Folders and files

Latest commit

History

Repository files navigation

AnonXploit is a pentesting tool, that create a Powershell RAT. It can be used by organizations of all sizes, including individuals.

It was developed with the purpose of exploiting the vulnerability of creating a reverse shell between the pentester and the injected computer. This tool can work without warnings about viruses and suspicious connections.

📋 Table of Contents

💻 Supported Operating Systems

We carried out the tests on systems based on Ubuntu, Debian and Termux. We believe it will also work on other systems, such as Fedora and Arch. The installation instructions are for Ubuntu/Debian and Termux only. If you don't know how to install on other operation system, google it.

🔨 Installation

Installation for Debian/Ubuntu

System Update

Install Git

Download the Repository

Install AnonXploit

Installation for Termux

System Update

Install Git

Install Python3

Download the Repository

Install AnonXploit

📡 How to Use

To create the RAT you need to run two programs, client.py and server.py. Where the client will automatically create the RAT, and the server will wait for the connection.

client.py

server.py

🪝 Social Engineering

☑️ Code Analysis

If you check the source code of the two main files (client.py/server.py) of AnonXploit file, you will notice that the code is obfuscated. This is done for security reasons and compatibility with WSL (Windows Subsystem for Linux), where the antivirus detected the files as viruses and deleted them.

🏛️ RAT Architecture

🔬 Virus Total

install file:

client.py file (91% undetectable):

server.py file:

The RAT bypasses Windows Defender antivirus. (Information verified until 1/28/2024)

"Files and URLs sent to VirusTotal will be shared with antivirus vendors and security companies..."

Source: Wikipedia

©️ License

This project is licensed under the GNU Affero General Public License v3.0

✅ Permission:

✒️ Conditions:

⚠️ Limitations:

About

Topics

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Languages