Due to my insufficient knowledge about RATs and C&C servers (at the time), and also the availability of various practical FOSS RATs and C&C servers such as Quasar, pupy, PoshC2, Merlin, Metasploit, etc., the development of this project is completely stopped and the project is archived.
This project was originally meant to be succeeded by the MyStealer project, but that project is now archived too. Development of each component, feature, or part is still online in separate (public) repositories.
For educational purposes only. Do not execute the client on your computer without any protection. Use at your own risk.
Use a VM (VirtualBox, VMware, etc.) or a sandbox (Sandboxie, etc.) to execute the client.
- Use at your own risk
- When publishing, don't enable the 'Trim unused code' option. It completely breaks the WMI data collector.
- Integrated C&C server and communicating protocol
- Process list collector
- Environment variable collector
- File uploader / downloader
- Remote file executor
- KeyLogger
- Clipboard Logger
- Screenshot Capturer
- Remote DLL Injector
- Remote Code Execution (Upload executable and execute remotely / Compile-and-Execute C# or VisualBasic.NET code with CodeDom)
- Remote Process Terminator / Memory Dumper
- Client Updater
- ZipBomb
- Fully encrypted communication between server and client, using X25519 ECDHE as the key agreement algorithm and AES-256 as the message encryption algorithm
- Periodic key regeneration
- Self-replicates to a random folder when executed
- Registers itself in Task Scheduler, Registry Autorun, etc.
- During remote code execution, avoids detection by unpacking executables in ENCRYPTED form
- Stores some strings (such as the Discord token stealer regex, etc.) in encrypted form to avoid detection by resource analysis