Pupy is an open source, cross-platform (Windows, Linux, OSX, Android), multi function RAT (Remote Administration Tool) and post-exploitation tool mainly written in python. It features an all-in-memory execution guideline and leaves very low footprint. Pupy can communicate using various transports, migrate into processes (reflective injection), load remote python code, python packages and python C-extensions from memory.

Implemented Modules

All platforms:

• command execution
• download
• upload
• interactive python shell with auto-completion
• interactive shell (cmd.exe, powershell.exe, /bin/sh, /bin/bash, …)
• tty allocation is well supported on both windows and *nix. Just looks like a ssh shell
• shellcode exec
• persistence
• socks5 proxy
• local and remote port forwarding
• screenshot
• keylogger
• run the awesome credential gathering tool LaZagne from memory !
• sniff tools, netcreds
• process migration (windows & linux, not osx yet)
• a lot of other tools (upnp client, various recon/pivot tools using impacket remotely, …)

Windows specific :

• migrate
• inter process architecture injection also works (x86->x64 and x64->x86)
• in memory execution of PE exe both x86 and x64!
• works very well with mimitakz
• webcam snapshot
• microphone recorder
• mouselogger:
• takes small screenshots around the mouse at each click and send them back to the server
• token manipulation
• getsystem
• creddump
• tons of useful powershell scripts

Android specific

• Text to speech for Android to say stuff out loud
• webcam snapshots (front cam & back cam)
• GPS tracker

Pupy modules can transparently access remote python objects using rpyc to perform various interactive tasks.

Download Now