{"id":13454442,"url":"https://github.com/n1nj4sec/pupy","last_synced_at":"2025-04-10T15:33:05.700Z","repository":{"id":37789868,"uuid":"42882329","full_name":"n1nj4sec/pupy","owner":"n1nj4sec","description":"Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C","archived":false,"fork":false,"pushed_at":"2024-03-22T08:52:53.000Z","size":31930,"stargazers_count":8651,"open_issues_count":178,"forks_count":1819,"subscribers_count":466,"default_branch":"unstable","last_synced_at":"2025-04-03T10:32:33.010Z","etag":null,"topics":["android","backdoor","linux","mac-os","meterpreter","payload","pentesting","post-exploitation","pupy","python","rat","reflective-injection","remote-access","remote-admin-tool","reverse-shell","shell","windows"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/n1nj4sec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-09-21T17:30:53.000Z","updated_at":"2025-04-03T08:25:45.000Z","dependencies_parsed_at":"2023-02-10T22:01:27.047Z","dependency_job_id":"364661fc-ad96-4784-95b1-544c05e8834a","html_url":"https://github.com/n1nj4sec/pupy","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/n1nj4sec%2Fpupy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/n1nj4sec%2Fpupy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/n1nj4sec%2Fpupy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/n1nj4sec%2Fpupy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/n1nj4sec","download_url":"https://codeload.github.com/n1nj4sec/pupy/tar.gz/refs/heads/unstable","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248243471,"owners_count":21071054,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","backdoor","linux","mac-os","meterpreter","payload","pentesting","post-exploitation","pupy","python","rat","reflective-injection","remote-access","remote-admin-tool","reverse-shell","shell","windows"],"created_at":"2024-07-31T08:00:54.115Z","updated_at":"2025-04-10T15:33:05.673Z","avatar_url":"https://github.com/n1nj4sec.png","language":"Python","funding_links":[],"categories":["Tools","Python","\u003ca id=\"tag-dev\" href=\"#tag-dev\"\u003eDev\u003c/a\u003e","Uncategorized","\u003ca id=\"1233584261c0cd5224b6e90a98cc9a94\"\u003e\u003c/a\u003e渗透\u0026\u0026offensive\u0026\u0026渗透框架\u0026\u0026后渗透框架","Multi-paradigm Frameworks","\u003ca id=\"98000cf45f63bf295d39e9255d7972ca\"\u003e\u003c/a\u003epupy","\u003ca id=\"783f861b9f822127dba99acb55687cbb\"\u003e\u003c/a\u003e工具","Red Team","[↑](#table-of-contents) C2"],"sub_categories":["RAT","Multi-paradigm Frameworks","\u003ca id=\"tag-dev.security\" href=\"#tag-dev.security\"\u003eSecurity\u003c/a\u003e","Uncategorized","\u003ca id=\"80301821d0f5d8ec2dd3754ebb1b4b10\"\u003e\u003c/a\u003ePayload\u0026\u0026远控\u0026\u0026RAT","Intentionally Vulnerable Systems as Docker Containers","\u003ca id=\"ff6ee8128d4f01f80c3f2bb522f0d5e9\"\u003e\u003c/a\u003e工具","\u003ca id=\"b318465d0d415e35fc0883e9894261d1\"\u003e\u003c/a\u003e远控\u0026\u0026RAT","C2 Frameworks","Forensics","Docker Containers of Penetration Testing Distributions and Tools","Open Source"],"readme":"# Pupy\n\n[![Build Status](https://api.travis-ci.org/n1nj4sec/pupy.svg?branch=unstable)](https://travis-ci.org/n1nj4sec/pupy)\n\n## Installation\n\nInstallation instructions are on the wiki, in addition to all other documentation. For maximum compatibility, it is recommended to use Docker Compose.\n\n[Refer to the wiki](https://github.com/n1nj4sec/pupy/wiki/Installation)\n\n## Description\n\nPupy is a cross-platform, multi function RAT and post-exploitation tool mainly written in python. It features an all-in-memory execution guideline and leaves a very low footprint. Pupy can communicate using multiple transports, migrate into processes using reflective injection, and load remote python code, python packages and python C-extensions from memory.\n\n## Features\n\n- Windows payload can load the entire Python interpreter from memory using a reflective DLL.\n\t- Pupy does not touch the disk.\n\n- Can be packed into a single .py file and run without any dependencies other than the python standard library on all OSes.\n\t- PyCrypto gets replaced by pure Python AES \u0026 RSA implementations when unavailable.\n\n- Reflectively migrate into other processes.\n- Remotely import pure python packages (.py, .pyc) and compiled python C extensions (.pyd, .so) from memory.\n\t- Imported python modules do not touch the disk.\n\n- Easily extensible, modules are simple to write and are sorted by os and category.\n\n- Modules can directly access python objects on the remote client using [rpyc](https://github.com/tomerfiliba/rpyc).\n\n- Access remote objects interactively from the pupy shell and get auto-completion of remote attributes.\n\n- Communication transports are modular and stackable. Exfiltrate data using HTTP over HTTP over AES over XOR, or any combination of the available transports.\n\n- Communicate using obfsproxy [pluggable transports.](https://www.torproject.org/docs/pluggable-transports.html.en)\n\n- Execute noninteractive commands on multiple hosts at once.\n\n- Commands and scripts running on remote hosts are interruptible.\n\n- Auto-completion for commands and arguments.\n\n- Custom config can be defined: command aliases, modules. automatically run at connection, etc.\n\n- Open interactive python shells with auto-completion on the all-in-memory remote python interpreter.\n\n- Interactive shells (cmd.exe, /bin/bash, etc) can be opened remotely.\n\t- Remote shells on Unix \u0026 Windows clients have a real tty with all keyboard signals working just like an SSH shell.\n\n- Execute PE executable remotely and from memory.\n\n- Generate payloads in various formats:\n\n| Format | Architecture | Short Name |\n|---|---|---|\nAndroid Package | x86 \u0026 ARMv7 | apk\nLinux Binary | x86 | lin_x86\nLinux Binary | x64 | lin_x64\nLinux Shared Object | x86 | so_x86\nLinux Shared Object | x64 | so_x64\nWindows PE Executable | x86 | exe_x86\nWindows PE Executable | x64 | exe_x64\nWindows DLL | x86 | dll_x86\nWindows DLL | x64 | dll_x64\nPython Script | x86 \u0026 x64 | py\nPyInstaller | x86 \u0026 x64 | pyinst\nPython Oneliner | x86 \u0026 x64 | py_oneliner\nPowershell | x86 \u0026 x64 | ps1\nPowershell Oneliner | x86 \u0026 x64 | ps1_oneliner\nDucky Script | N/A | rubber_ducky\n\n- Deploy in memory from a single command line using python or powershell one-liners.\n\n- Embed \"scriptlets\" in generated payloads to perform some tasks \"offline\" without needing network connectivity (ex: start keylogger, add persistence, execute custom python script, check_vm, etc.)\n\n- Multiple Target Platforms:\n\n| Platform | Support Status |\n|---|---|\nWindows XP | Supported\nWindows 7 | Supported\nWindows 8 | Supported\nWindows 10 | Supported\nLinux | Supported\nMac OSX | Limited Support\nAndroid | Limited Support\n\n## Documentation\n\nAll documentation can be found on the wiki.\n\n[Refer to the wiki](https://github.com/n1nj4sec/pupy/wiki)\n\n## FAQ\n\n\u003e Does the server work on windows?\n\nPupy has not been tested on Windows. Theoretically, it should work on any platform that supports Docker and Docker Compose. However, you will need to adapt the Docker Compose installation instructions for the Windows platform.\n\n\u003e I can't install Pupy. The installation fails.\n\n1. Please refer to the wiki. It is possible that your answer is there.\n2. Search the Github issues and see if your issue was already solved.\n3. If you issue was not solved, open a new issue following the [issue guidelines](https://github.com/n1nj4sec/pupy/wiki/Issue-Guidelines).\n\nIf you do not follow these steps, you issue will be closed.\n\n\u003e Android and/or Mac OSX payloads and modules don't work.\n\nPupy has _limited_ support for Android and OSX. These platforms may not be well maintained and may break intermittently. Some modules (i.e. keylogger) may be missing for these platforms.\n\n## Development\n\nIf some of you want to participate to pupy development, don't hesitate! All help is greatly appreciated and all pull requests will be reviewed.\n\nAlso there is small [note](https://github.com/n1nj4sec/pupy/wiki/Development) about development. Please run flake8 before doing any commits. File with config is [here](pupy/tox.ini).\n\n## Contact\n\n| Platform | Contact Info |\n|---|---|\nEmail | contact@n1nj4.eu\nTwitter | https://twitter.com/n1nj4sec\n\nThis project is a [personal development](https://en.wikipedia.org/wiki/Personal_development), please respect its philosophy and don't use it for evil purposes!\n\n## Special thanks\n\nSpecial thanks to all contributors that help improve pupy and make it a better tool! :)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fn1nj4sec%2Fpupy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fn1nj4sec%2Fpupy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fn1nj4sec%2Fpupy/lists"}