{"id":13389820,"url":"https://github.com/nccgroup/ABPTTS","last_synced_at":"2025-03-13T14:32:07.482Z","repository":{"id":37412583,"uuid":"64512250","full_name":"nccgroup/ABPTTS","owner":"nccgroup","description":"TCP tunneling over HTTP/HTTPS for web application servers","archived":false,"fork":false,"pushed_at":"2016-08-12T19:36:24.000Z","size":6556,"stargazers_count":732,"open_issues_count":3,"forks_count":151,"subscribers_count":23,"default_branch":"master","last_synced_at":"2025-03-10T18:09:48.137Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nccgroup.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"license.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-07-29T21:45:57.000Z","updated_at":"2025-03-03T18:53:49.000Z","dependencies_parsed_at":"2022-08-17T01:30:21.806Z","dependency_job_id":null,"html_url":"https://github.com/nccgroup/ABPTTS","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nccgroup%2FABPTTS","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nccgroup%2FABPTTS/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nccgroup%2FABPTTS/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nccgroup%2FABPTTS/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nccgroup","download_url":"https://codeload.github.com/nccgroup/ABPTTS/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243422625,"owners_count":20288493,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-30T13:01:34.324Z","updated_at":"2025-03-13T14:32:04.633Z","avatar_url":"https://github.com/nccgroup.png","language":"Python","funding_links":[],"categories":["Python (1887)","Python"],"sub_categories":[],"readme":"# A Black Path Toward The Sun\n(TCP tunneling over HTTP for web application servers)\n\nhttps://www.blackhat.com/us-16/arsenal.html#a-black-path-toward-the-sun\n\nBen Lincoln, NCC Group, 2016\n\nABPTTS uses a Python client script and a web application server page/package[1]\nto tunnel TCP traffic over an HTTP/HTTPS connection to a web application \nserver. In other words, anywhere that one could deploy a web shell, one should\nnow be able to establish a full TCP tunnel. This permits making RDP, \ninteractive SSH, Meterpreter, and other connections through the web \napplication server.\n\nThe communication is designed to be fully compliant with HTTP standards, \nmeaning that in addition to tunneling *in* through a target web application \nserver, it can be used to establish an *outbound* connection through \npacket-inspecting firewalls.\n\nA number of novel features are used to make detection of its traffic \nchallenging. In addition to its usefulness to authorized penetration testers, \nit is intended to provide IDS/WPS/WAF developers with a safe, live example of\nmalicious traffic that evades simplistic regex-pattern-based signature models.\n\nAn extensive manual is provided in PDF form, and walks the user through a \nvariety of deployment scenarios.\n\nThis tool is released under version 2 of the GPL.\n\n[1] Currently JSP/WAR and ASP.NET server-side components are included.\n\nCompare and contrast with:\n\n- reGeorg (https://github.com/sensepost/reGeorg)\n\n- HTTP tunnel for Node.js (https://github.com/johncant/node-http-tunnel)\n\nNamed as an oblique reference to Cordyceps/Ophiocordyceps, e.g.:\nhttp://www.insectimages.org/browse/detail.cfm?imgnum=0014287\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnccgroup%2FABPTTS","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnccgroup%2FABPTTS","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnccgroup%2FABPTTS/lists"}