Vulpes

Vulpes is a Command & Control Framework with a Python Backend and a C++ Implant. The Implant is designed to be as evasive as possible, whilst providing as much utility as possible.

The features:

• C++ Implant Utilising Object Oriented Programming (OOP) and Resource Acquisition is Initialised (RAII)
• C & Assembly Loader (Stage 0) which is fully Position Independent
• MinGW-w64 and Visual Studio Support
• Configurable Environmental Keying, anti-debug/sandbox, injection, and various implant settings (Export, Sleep, Jitter, Named Pipe, Parent Process, Spawn To, and so on
• Configurable Defensive Evasion (Patchless ETW/AMSI and Unhooking)
• Configurable API Endpoints, Verbs, Dynamic URI Handling, and implant-server authentication
• Mostly SysCalls (or dynamically resolved)
• Local and Remote CLR
• Runtime Configuration Changes
• Logging directly to Logstash

Additional Information:

• Starting Vulpes
• Web UI
• Communcation
• Runtime
• Commands
• Logging

Versions