gokupwn / EvilGithubIssue

I will update it soon for now. Abuse Github issue comment attachment to use GitHub as a stealthy C2

EvilGithubIssue

Demo:

Setup:

How to get your github COOKIE and github AUTHENTICITY_TOKEN

Usage:

#1 - Start The C2 Client
python .\githubc2-client.py
#2 - Start The Implant (This is just a POC!)
python .\githubc2-implant.py

Compile The Impant (Windows Only)

# Don't forget to initialize the FIRST_TASK_ID 
# the value needed for the FIRST_TASK_IDtake variable 
# can be found in the server.ini file (first_command)
# !!!Execute the server first!!!! to obtain the first_command

####### You can compile now #######
# compile the C2 Impant
.\compile_to_exe.bat

Illustration:

Implant Details

SOON (for now read the code!)

Resources:

https://www.bleepingcomputer.com/news/security/github-comments-abused-to-push-malware-via-microsoft-repo-urls/#google_vignette

About

I will update it soon for now. Abuse Github issue comment attachment to use GitHub as a stealthy C2

Languages

Language:Python 99.0%Language:Batchfile 1.0%