{"id":13510674,"url":"https://github.com/t3l3machus/Villain","last_synced_at":"2025-03-30T16:34:36.218Z","repository":{"id":63196427,"uuid":"557545904","full_name":"t3l3machus/Villain","owner":"t3l3machus","description":"Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP \u0026 HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).","archived":false,"fork":false,"pushed_at":"2024-10-23T14:32:46.000Z","size":677,"stargazers_count":3773,"open_issues_count":18,"forks_count":608,"subscribers_count":67,"default_branch":"main","last_synced_at":"2024-10-23T17:26:46.882Z","etag":null,"topics":["c2","cybersecurity","hacking","hacking-tool","offensive-security","open-source","penetration-testing","penetration-testing-tools","pentest","pentesting","readteaming","redteam","redteam-tools"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/t3l3machus.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-10-25T22:02:59.000Z","updated_at":"2024-10-23T14:57:03.000Z","dependencies_parsed_at":"2023-12-19T16:04:28.168Z","dependency_job_id":"df55a5ae-da05-4569-b5d4-b4f2d05c48c4","html_url":"https://github.com/t3l3machus/Villain","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/t3l3machus%2FVillain","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/t3l3machus%2FVillain/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/t3l3machus%2FVillain/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/t3l3machus%2FVillain/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/t3l3machus","download_url":"https://codeload.github.com/t3l3machus/Villain/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":222566739,"owners_count":17004237,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["c2","cybersecurity","hacking","hacking-tool","offensive-security","open-source","penetration-testing","penetration-testing-tools","pentest","pentesting","readteaming","redteam","redteam-tools"],"created_at":"2024-08-01T02:01:49.302Z","updated_at":"2024-11-01T11:31:01.528Z","avatar_url":"https://github.com/t3l3machus.png","language":"Python","funding_links":[],"categories":["Python","webshell_shellcode","redteam","Red Team","pentesting"],"sub_categories":["资源传输下载","C2 Frameworks"],"readme":"# Villain\n[![Python](https://img.shields.io/badge/Python-%E2%89%A5%203.6-yellow.svg)](https://www.python.org/) \n\u003cimg src=\"https://img.shields.io/badge/PowerShell-%E2%89%A5%20v3.0-blue\"\u003e\n\u003cimg src=\"https://img.shields.io/badge/Developed%20on-kali%20linux-blueviolet\"\u003e\n[![License](https://img.shields.io/badge/License-CC%20Attr--NonCommercial%204.0-red)](https://github.com/t3l3machus/Villain/blob/main/LICENSE.md)\n\u003cimg src=\"https://img.shields.io/badge/Maintained%3F-Yes-96c40f\"\u003e\n\n## Purpose\nVillain is a high-level Stage 0/1 C2 framework that can handle multiple reverse TCP and HoaxShell-based shells, enhance their functionality with additional features (commands, utilities), and share them among connected sibling servers (Villain instances running on different machines).  \n\nThe framework's main features include:\n - Payload generation based on default, customizable and/or user defined payload templates (Windows \u0026 Linux),\n - A dynamically engaged pseudo-shell prompt that can quickly swift between shell sessions,\n - File uploads (via http),\n - Fileless execution of scripts against active sessions,\n - Auto-invoke ConPtyShell against a powershell r-shell session as a new process to gain a fully interactive Windows shell,\n - Multiplayer mode,\n - Session Defender (a feature that inspects user issued commands for mistakes / unintentional input that may cause a shell to hang).\n   \n\n### Video Presentations\nThere’s no up-to-date presentation of Villain with its latest features, but these videos give a good overview of its functionality.  \n[2022-11-30] [John Hammond](https://github.com/JohnHammond) showcased the tool in this incredible video -\u003e [youtube.com/watch?v=pTUggbSCqA0](https://www.youtube.com/watch?v=pTUggbSCqA0)  \n[2023-03-30] Version 2.0.0 release demo, made by me -\u003e [youtube.com/watch?v=NqZEmBsLCvQ](https://www.youtube.com/watch?v=HR1KM8wrSV8)  \n\n\n| :exclamation:  **Disclaimer**  |\n|---------------------------------|\n| **This project is in active development**. Expect breaking changes with releases. |\n| Using this tool against hosts that you do not have explicit permission to test is illegal. You are responsible for any trouble you may cause by using this tool. |\n\n## Preview\n\n\nhttps://github.com/t3l3machus/Villain/assets/75489922/20bf0ad5-d06f-4658-bb43-1bb0359fe3f7\n\n\n\n\n![image](https://user-images.githubusercontent.com/75489922/228979419-340918d4-3c04-48b6-913a-91aaf8756ff6.png)  \n\n## Installation \n\nVillain has been explicitly developed and tested on **kali linux**. You can install it with `apt`:\n```\napt install villain\n```\n\n❗New releases may take time to be incorporated into kali's repositories. \n\nFor the latest version or if you prefer to install it manually:\n```\ngit clone https://github.com/t3l3machus/Villain\ncd ./Villain\npip3 install -r requirements.txt\n```\n\nYou must also install `gnome-terminal` (required for one of the framework's commands):\n```\nsudo apt update\u0026\u0026sudo apt install gnome-terminal\n```\n\n## Usage\nYou should run as root:\n```\nvillain [-h] [-p PORT] [-x HOAX_PORT] [-n NETCAT_PORT] [-f FILE_SMUGGLER_PORT] [-i] [-c CERTFILE] [-k KEYFILE] [-u] [-q] \n```\n\nCheck out the [Usage Guide](https://github.com/t3l3machus/Villain/blob/main/Usage_Guide.md) for more.  \n\n:warning: Create your own obfuscated reverse shell templates and replace the default ones in your instance of Villain to better handle AV evasion. Here's how 📽️ -\u003e [youtube.com/watch?v=grSBdZdUya0](https://www.youtube.com/watch?v=grSBdZdUya0)\n\n## Contributions\nPull requests are generally welcome. Please, keep in mind: I am constantly working on new tools as well as maintaining several existing ones. I may be slow to respond.\nIf you have an idea for a new feature that comes with a significant chunk of code, I suggest you first contact me to discuss if there's something similar already in the making, before making a PR. \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ft3l3machus%2FVillain","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ft3l3machus%2FVillain","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ft3l3machus%2FVillain/lists"}