GoPostExploit is a multi-platform post-exploitation tool written in Go. It includes a server and client (agent). The agent beacons to the server regularly via HTTP POST requests. The server sends back a list of commands to execute on the client in response to the beacon. Core commands consist of port forwards, reverse shell, and configuration modifications.
To minimize detection and enhance forensics resistance:
- All GoPostExploit communications are encrypted and blend in with normal traffic. By default, beacons use HTTPS, while reverse shells and port forwards utilize SSH tunnels.
- The HTTP server presents itself to external parties as a default nginx setup.
- Key strings within the agent binary, including configuration, are encrypted with a random AES key.
- The agent configuration is adaptable, allowing the user to set the beacon interval, the user agent of beacons, and the beacon endpoints, among other parameters.
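A defender's view of the beaconing described above, as an added example that is not part of the GoPostExploit project: because the beacons are encrypted HTTPS POSTs, this sketch ignores content and flags client/host/path series in proxy logs whose request spacing is nearly constant. The log format (as a TLS-inspecting proxy might record it), hostnames, addresses and thresholds are constructed assumptions.

```python
import statistics
from collections import defaultdict
from datetime import datetime

# Constructed proxy log (not real traffic): time, client, method, host, path
SAMPLE_LOG = """\
2024-05-01T10:00:00 10.0.0.5 POST updates.example.test /api/status
2024-05-01T10:01:00 10.0.0.5 POST updates.example.test /api/status
2024-05-01T10:02:01 10.0.0.5 POST updates.example.test /api/status
2024-05-01T10:03:00 10.0.0.5 POST updates.example.test /api/status
2024-05-01T10:04:01 10.0.0.5 POST updates.example.test /api/status
2024-05-01T10:05:00 10.0.0.5 POST updates.example.test /api/status
2024-05-01T10:00:10 10.0.0.9 POST shop.example.test /cart
2024-05-01T10:00:25 10.0.0.9 POST shop.example.test /cart
2024-05-01T10:03:40 10.0.0.9 POST shop.example.test /cart
2024-05-01T10:04:02 10.0.0.9 POST shop.example.test /cart
2024-05-01T10:11:30 10.0.0.9 POST shop.example.test /cart
2024-05-01T10:02:00 10.0.0.7 GET news.example.test /index.html
"""

def parse_posts(log):
    """Yield ((client, host, path), timestamp) for each POST request line."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[2] != "POST":
            continue  # skip malformed lines and non-POST traffic
        yield (parts[1], parts[3], parts[4]), datetime.fromisoformat(parts[0])

def find_beacons(log, min_events=5, max_cv=0.1):
    """Return {key: (mean_gap_seconds, cv)} for POST series with regular spacing.

    cv is the coefficient of variation (stddev / mean) of the gaps between
    consecutive requests; interactive traffic scores high, timers score low.
    """
    series = defaultdict(list)
    for key, ts in parse_posts(log):
        series[key].append(ts)
    hits = {}
    for key, stamps in series.items():
        if len(stamps) < min_events:
            continue  # too few samples to judge periodicity
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        mean = statistics.mean(gaps)
        if mean <= 0:
            continue  # identical timestamps, nothing to measure
        cv = statistics.pstdev(gaps) / mean
        if cv <= max_cv:
            hits[key] = (round(mean, 1), round(cv, 3))
    return hits
```

Legitimate software (update checks, telemetry, health probes) also polls on a timer, so treat hits as leads to triage against known-good destinations.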
GoPostExploit should not be used for illegal activities. It has no integrated functionality for criminal acts, nor will it be added. This means, for instance, that there is no persistence or modules for stealing system credentials. The new owner, tensilick, is not responsible for any misuse of go-implant.
This project exists because no long-term deployable, cross-platform, flexible reverse shell featuring only basic functionality and standard protocols was available. GoPostExploit is an attempt to create one.
- Encrypted communications
- Reverse shell access
- Ability to upload / download files
- Reverse port forwarding
apt install -y git make upx binutils
git clone <new repo name>
cd <new repo name>
make deps
Both GoPostExploit's client and server are standalone executables requiring compilation. The server has only been tested to compile and work on Linux. The client has been compiled on Linux and found to function on both Linux and Windows...
...To compile a debugging build, use the command:
make debug
...
- Incorporate x11 forwarding to unix ssh handler
- Encrypt protocol strings
Contributions are heartily welcomed! Please submit your thoroughly tested code as a pull request. Contributions towards documentation writing are also encouraged.