https://github.com/joelgmsec/nekodns

Experimental Reverse DNS Shell
https://github.com/joelgmsec/nekodns

dns domain hacking random redteam reverse shell

Last synced: 3 months ago
JSON representation

Experimental Reverse DNS Shell

• Host: GitHub
• URL: https://github.com/joelgmsec/nekodns
• Owner: JoelGMSec
• License: gpl-3.0
• Created: 2025-06-07T11:04:46.000Z (about 1 year ago)
• Default Branch: main
• Last Pushed: 2025-09-04T08:33:53.000Z (10 months ago)
• Last Synced: 2025-09-14T05:52:46.202Z (9 months ago)
• Topics: dns, domain, hacking, random, redteam, reverse, shell
• Language: Python
• Homepage: https://darkbyte.net
• Size: 388 KB
• Stars: 7
• Watchers: 0
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          


# NekoDNS

### Experimental Reverse DNS Shell

NekoDNS is an experimental tool that leverages **DNS resolutions** to establish a Reverse Shell over DNS.  

Communication is performed through DNS queries (AAAA/A records) that carry commands and responses as fragmented and reversed hexadecimal data, making detection by automated tools very difficult. The project provides a **server (Python)** and clients in **Bash (Linux)** and **PowerShell (Windows)** to support different environments.

## ✨ Features

- 🔍 **Evasion**: Random data and domains in each request (`-random`)

- ⚡ **Flow control**: Adjustable chunk size and sleep interval (`-l`, `-i`)

- 📂 **File management**: Built-in **upload/download** support

- 💻 **Cross-platform**: Linux (Bash) and Windows (PowerShell) clients

- 🐱 **Fully integrated** into Kitsune (https://github.com/JoelGMSec/Kitsune)

- 🔑 **Privilege escalation support** with `sudo`/`su` in Linux

- 📜 **Import PowerShell scripts** directly on Windows clients (`import-ps1`)

## ⚙️ Requirements

- Python 3 + install requirements.txt

- Bash + dig + xxd (for Linux client)

- PowerShell 4.0 (for Windows client)

Install dependencies:

```bash

pip install -r requirements.txt

```

## 🚀 Usage

```java

python3 NekoDNS.py -h             

  _   _      _         ____  _   _ ____  

 | \ | | __ | | __ __ |  _ \| \ | / ___| 

 |  \| |/ _ \ |/ / _ \| | | |  \| \___ \ 

 | |\  |  __/   < (_) | |_| | |\  |___) |

 |_| \_|\___|_|\_\___/|____/|_| \_|____/ 

                                         

                                               

  ----------- by @JoelGMSec -----------

[!] Usage: python3 NekoDNS.py   <-udp/-tcp>

```

**Arguments**:

- `` → IP address to listen (0.0.0.0 by default)  

- `` → Port to listen (53 by default)  

- `<-udp/-tcp>` → Protocol to use (UDP or TCP)  

**Available Commands**:

- `upload` → Upload a file from local to remote computer

- `download` → Download a file from remote to local computer

- `import-ps1` → Import PowerShell script on Windows hosts

- `sudo` → Execute with sudo privileges on Linux hosts

- `clear/cls` → Clear terminal screen

- `kill` → Kill client connection

- `exit` → Exit from program

## 📸 Screenshots



## 🗂️ Documentation

The detailed guide of use can be found at the following link:

https://darkbyte.net/nekodns-jugando-con-dns-una-vez-mas

## 📄 License

This project is licensed under the GNU GPL-3.0 license - See the LICENSE file for more details.

## 👨‍💻 Contact

For more information, you can find me on Twitter as [@JoelGMSec](https://twitter.com/JoelGMSec) 

Other ways to contact me on my blog [darkbyte.net](https://darkbyte.net)

## ⚠️ Disclaimer

This software comes with no warranty, exclusively for educational purposes and authorized security audits.

The author is not responsible for any misuse or damage caused by this software.

# ☕ Support

Support my work by buying me a coffee:

[](https://www.buymeacoffee.com/joelgmsec)