Welcome to CovertUtils's documentation!
This project is free and open-source, available on GitHub.
A blog post about it, explaining the motivation and implementation internals, is located on my personal blog: Securosophy
Not a Backdoor!
Well, almost not a backdoor. This project is a Python2 package containing enough modules for implementing custom backdoors. Everything from file transfer to customized shells is included.
It is not a backdoor ready to be planted (well, most of the Programming Examples are). If you are looking for backdoors, RATs and such stuff in Python there are some awesome projects already:
This package contains most Building Blocks of a backdoor. It covers the most common coding tasks when creating anything from a simple reverse TCP shell to a full-blown feature-rich Agent.
It also takes a simplistic view of what a backdoor is, breaking it down to its basic components:
- Communication Channel
Currently, the covertutils package provides an API for:
- Separate Streams (almost like meterpreter's channels)
- Compression before transmission
- Packet Steganography
- Customized Shell
- Message Handling
And most of those features are used under the hood, without writing any additional line of code (e.g. encryption, compression, streams).
No Networking code included
The package provides a generic wrapper for networking, without implementing internally even the simplest of networking possibilities (e.g. bind TCP).
This design decision broadens the possibilities for Communication Channels that differ a lot from just layer 4/5 solutions. This way, there is space for Packet Steganography or even time-based Covert Channels.
And all that with the abstraction of Object Oriented Programming, as this package depends on it heavily (makes multiple-inheritance an everyday thing!).
- Internal Components
- Ingredients for Cooking a Backdoor
- Shells & SubShells
- Beyond the OS Shell
- Totally IDS/IPS evading payloads
- Staging Python code
- Assembling a Backdoor from Scratch - The Tutorial Restaurant
- Programming Examples
- Creating Custom Stages and Modules
All modules are documented automatically from comments with Sphinx apidoc. The output is below...
- covertutils package
- covertutils.exceptions module
- covertutils.helpers module
- Module contents
As the covertutils API Toc-Tree is huge (due to the code organizing, see: Package, subpackage and module structure), it is really handy to use the search page of Sphinx if you are looking for a specific class or method.
For flawless backdoor creation don’t forget to fire up some Primus CDs or old blues standards while coding. Maybe light a cigar too.
Creating stealthy backdoors requires intelligence, and intelligence is a terrible thing to waste.