Welcome to CovertUtils's documentation!

This project is free and open source, available on GitHub.

A blog post about it, explaining the motivation and implementation internals, is on my personal blog: Securosophy

Not a Backdoor!

Well, almost not a backdoor. This project is a Python2 package containing enough modules for implementing custom backdoors. Everything from file transfer to customized shells is included.

It is not a backdoor ready to be planted (well, most of the Programming Examples are). If you are looking for backdoors, RATs and similar tools in Python, there are some awesome projects already:

This package contains most Building Blocks of a backdoor. It covers the most common coding tasks when creating anything from a simple reverse TCP shell to a full-blown, feature-rich Agent.

It also takes a simplistic view of what a backdoor is, breaking it down into its basic components:

  • Agent
  • Handler
  • Communication Channel
  • Protocol

Currently, the covertutils package provides an API for:

  • Encryption
  • Chunking
  • Separate Streams (almost like meterpreter's channels)
  • Compression before transmission
  • Packet Steganography
  • Customized Shell
  • Message Handling

Most of those features are used under the hood, without writing any additional lines of code (e.g. encryption, compression, streams).

No Networking code included

The package provides a generic wrapper for networking, without internally implementing even the simplest networking functionality (e.g. bind TCP).

This design decision opens the door to Communication Channels that differ a lot from plain layer 4/5 solutions. This way, there is room for Packet Steganography or even time-based Covert Channels.

All of that comes with the abstraction of Object Oriented Programming, as this package depends on it heavily (it makes multiple inheritance an everyday thing!).

All modules [citation needed] are documented automatically from comments with Sphinx apidoc. The output is below...

As the covertutils API Toc-Tree is huge (due to how the code is organized, see: Package, subpackage and module structure), it is really handy to use the Sphinx search page if you are looking for a specific class or method.

Note

For flawless backdoor creation don’t forget to fire up some Primus CDs or old blues standards while coding. Maybe light a cigar too.

Note

Creating stealthy backdoors requires intelligence, and intelligence is a terrible thing to waste.