{"id":14980297,"url":"https://github.com/elmerikh/keres","last_synced_at":"2025-10-28T23:31:29.855Z","repository":{"id":212536288,"uuid":"731734907","full_name":"ELMERIKH/Keres","owner":"ELMERIKH","description":"Persistent Powershell backdoor tool {😈}","archived":false,"fork":false,"pushed_at":"2024-05-05T21:01:26.000Z","size":330,"stargazers_count":99,"open_issues_count":0,"forks_count":11,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-05-30T01:18:03.513Z","etag":null,"topics":["backdoor-attacks","bypass-antivirus","exploit","payload-generator","payload-injector","powershell-payload","powershell-script","red-team-tools","reverse-shell"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ELMERIKH.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-12-14T18:52:08.000Z","updated_at":"2024-06-09T23:44:37.389Z","dependencies_parsed_at":"2024-02-14T20:40:56.591Z","dependency_job_id":"e5fca8d8-e429-44f5-adda-26d8f17e6781","html_url":"https://github.com/ELMERIKH/Keres","commit_stats":null,"previous_names":["elmerikh/keres"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ELMERIKH%2FKeres","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ELMERIKH%2FKeres/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ELMERIKH%2FKeres/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ELMERIKH%2FKeres/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ELMERIKH","download_url":"https://codeload.github.com/ELMERIKH/Keres/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":238738020,"owners_count":19522296,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["backdoor-attacks","bypass-antivirus","exploit","payload-generator","payload-injector","powershell-payload","powershell-script","red-team-tools","reverse-shell"],"created_at":"2024-09-24T14:01:34.615Z","updated_at":"2025-10-28T23:31:24.538Z","avatar_url":"https://github.com/ELMERIKH.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n![!\\[Alt text\\](\u003c\u003e)](\u003c2023-12-31 09_49_35-Kali-Linux-2021.3-vmware-amd64 - VMware Workstation 17 Player (Non-commercial us.png\u003e)\n\n\nGreetings\n-------------------------------------\n\nKeres a is Powershell rev-shell backdoor with persistence for windows and linux (pwsh)\n\nit generates a PE exe that spawns a powershell process that starts a powershell rev-shell with persistence (if process stops an other one is spawned , if process is running don t spawn new process)\n\neven if you exit break the shell you will the shell will always respawn on target\n\nalso it creates a Hidden batch and vbs file for persistent startup using reg.exe (value 'keres')\n\nyou can add -Ps (optional) to generate only a .ps1 file that do same thing\n\nrun the.ps1 file like the following for persistent startup (you can also change name of file btw ,reg value 'Meow'):\n\n./keres.ps1 -p\n\nnote : it s preferable to use -go arg to build from a go file instead of python for better evasion\n\n(python compilation with nuitka , go compilation with garble )\n\ntested and fully bypass windows 10/11\n--------------\ndo not upload binaries to virus total ;)\n\nUpdate ! : \n-------------------------------------------\n\nadded obfuscation for the PE using Pyarmor\n\nadded go binary build with garbel obfuscation\n\nto do : \n\nadd more options ( startup for linux...)\n\nPrerequisite:\n---------------\n\npython\n\ngo (if you want to build golang binary)\n\nSETUP :\n---------------------\n\ngit clone https://github.com/ELMERIKH/Keres\n\ncd keres\n\npip install -r requirements.txt\n\ngo install mvdan.cc/garble@latest\n\nexport PATH=$PATH:~/go/bin\n\nsudo apt install patchelf (Linux)\n\npython3 keres.py -h\n\n(PS : if on linux and want to compile a python win binary use wine to compile ./dist/pewpew.py or pewpew.py or just compile it on a windows env) \n\ntutorial: [wine-tuto](wine-tuto/wine.md)\n-------------------\n\nhow to listen for connections\n------------\nnc -lvnp 'port'\n\nor \n\nuse : https://github.com/ELMERIKH/SwordShell\n\nDISCLAIMER :\n----------------------------------\n\nME The author takes NO responsibility and/or liability for how you choose to use any of the tools/source code/any files provided. ME The author and anyone affiliated with will not be liable for any losses and/or damages in connection with use of Keres. By using Keres or any files included, you understand that you are AGREEING TO USE AT YOUR OWN RISK. Once again Keres is for EDUCATION and/or RESEARCH purposes ONLY.\n\n\n![!\\[Alt text\\](\u003c\u003e)](\u003chttps://github.com/ELMERIKH/ELMERIKH/assets/96123439/75d8cfd4-2701-43ca-8084-c48ed9f0ff26\u003e)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Felmerikh%2Fkeres","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Felmerikh%2Fkeres","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Felmerikh%2Fkeres/lists"}