Vulpes
Vulpes is a Command & Control Framework with a Python Backend and a C++ Implant. The Implant is designed to be as evasive as possible, whilst providing as much utility as possible.
The features:
- C++ Implant Utilising Object Oriented Programming (OOP) and Resource Acquisition is Initialised (RAII)
- C & Assembly Loader (Stage 0) which is fully Position Independent
- MinGW-w64 and Visual Studio Support
- Configurable Environmental Keying, anti-debug/sandbox, injection, and various implant settings (Export, Sleep, Jitter, Named Pipe, Parent Process, Spawn To, and so on
- Configurable Defensive Evasion (Patchless ETW/AMSI and Unhooking)
- Configurable API Endpoints, Verbs, Dynamic URI Handling, and implant-server authentication
- Mostly SysCalls (or dynamically resolved)
- Local and Remote CLR
- Runtime Configuration Changes
- Logging directly to Logstash
Additional Information:
Versions
Component | Version |
---|---|
Implant | 0.7 |
Server | 0.1.5 |