This project is free and open-source, available on GitHub.
A blog post about it, explaining the motivation and implementation internals, can be found on my personal blog: Securosophy
Not a Backdoor!
Well, almost not a backdoor. This project is a Python 2 package containing enough modules for implementing custom backdoors. Everything, from file transfer to customized shells, is included.
It is not a backdoor ready to be planted (well, most of the Programming Examples are). If you are looking for backdoors, RATs and such stuff in Python, there are some awesome projects already:
This package contains most of the building blocks of a backdoor. It covers the common coding tasks when creating anything from a simple reverse TCP shell to a full-blown, feature-rich, extendable agent.
It also takes a simplistic view of what a backdoor is, breaking it down to its basic components:
- Communication Channel
The covertutils package provides an API for:
- Separate Streams (almost like meterpreter’s channels)
- Compression before transmission
- Packet Steganography
- Customized Shell
- Message Handling
- Custom Shell creation
Most of those features are used under the hood, without writing a single additional line of code (e.g. encryption, compression, streams).
No Networking code included
The package provides a generic wrapper for networking, without internally implementing even the simplest networking option (e.g. bind TCP).
This design decision opens up Communication Channels that differ a lot from plain layer 4/5 solutions. This way, there is room for Packet Steganography or even time-based Covert Channels.
All of that comes with the abstraction of Object Oriented Programming, which this package depends on heavily.
- Internal Components
- Ingredients for Cooking a Backdoor
- Shells & SubShells
- Beyond the OS Shell
- Totally IDS/IPS evading payloads
- Staging Python code
- Assembling a Backdoor from Scratch - The Tutorial Restaurant
- Programming Examples
- Creating Custom Stages and Modules
- Pozzo & Lucky
All modules are documented automatically from comments with Sphinx apidoc. The output is below…
As the covertutils API Toc-Tree is huge (due to how the code is organized, see: Package, subpackage and module structure), it is really handy to use the search page of Sphinx if you are looking for a specific class or method.
For flawless backdoor creation don’t forget to fire up some Primus CDs or old blues standards while coding. Maybe light a cigar too.
Creating stealthy backdoors requires intelligence, and intelligence is a terrible thing to waste.