[Offensive Security] Command and Control with Pupy!!
3 min readJan 16, 2022
What is Pupy?
Pupy is an open-source remote admin and post-exploitation tool written in python. Pupy executes in memory, allowing it to leave a low footprint. Pupy also offers multiple communications channel options to make traffic.
MITRE ATT&CK
- initial access
- execution
- persistence
- privillege escalation
- defense evasion
- credential access
- discovery
- lateral movement
- collection
- command & control
- exfilltration
- impact
DEMO
Installation
To install pupy execute the following commands one by one :
git clone https://github.com/n1nj4sec/pupyNow download all the requirements using pip like the following command :
cd pupy
pip install -r requirements.txtNow run pupy using the following command :
./pupysh.pyEstablish a new session
Pupy Server: Main Terminal
config list
- This command shows all configurations, including the [listeners].