Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/matheuzsecurity/d3m0n1z3dshell

Demonized Shell is an Advanced Tool for persistence in linux.
https://github.com/matheuzsecurity/d3m0n1z3dshell

advanced-persistence automated-persistence backdoor bash linux linux-persistence persistence red-team

Last synced: about 2 hours ago
JSON representation

Demonized Shell is an Advanced Tool for persistence in linux.

Host: GitHub
URL: https://github.com/matheuzsecurity/d3m0n1z3dshell
Owner: MatheuZSecurity
License: gpl-2.0
Created: 2023-05-30T02:30:47.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2024-08-29T12:55:39.000Z (3 months ago)
Last Synced: 2024-11-01T13:52:32.648Z (16 days ago)
Topics: advanced-persistence, automated-persistence, backdoor, bash, linux, linux-persistence, persistence, red-team
Language: Shell
Homepage:
Size: 14.9 MB
Stars: 300
Watchers: 7
Forks: 39
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

「😈」About D3m0n1z3dShell

Demonized Shell is an Advanced Tool for persistence in linux.

### Install

```
git clone https://github.com/MatheuZSecurity/D3m0n1z3dShell.git
cd D3m0n1z3dShell
chmod +x demonizedshell.sh
sudo ./demonizedshell.sh
```

### One-Liner Install

Download D3m0n1z3dShell with all files:
```
curl -L https://github.com/MatheuZSecurity/D3m0n1z3dShell/archive/main.tar.gz | tar xz && cd D3m0n1z3dShell-main && sudo ./demonizedshell.sh
```

Load D3m0n1z3dShell statically (without the static-binaries directory):
```
sudo curl -s https://raw.githubusercontent.com/MatheuZSecurity/D3m0n1z3dShell/main/static/demonizedshell_static.sh -o /tmp/demonizedshell_static.sh && sudo bash /tmp/demonizedshell_static.sh
```

### Demonized Features

* Auto Generate SSH keypair for all users
* APT Persistence
* Crontab Persistence
* Systemd User level
* Systemd Root Level
* Bashrc Persistence
* Privileged user & SUID bash
* LKM Rootkit Modified, Bypassing rkhunter.
* LKM Rootkit With file encoder. persistent icmp backdoor and others features.
* ICMP Backdoor
* LD_PRELOAD Setup PrivEsc
* Static Binaries For Process Monitoring, Dump credentials, Enumeration, Trolling and Others Binaries.

### Pending Features

* [X] Process Injection
* [x] install for example: curl github.com/test/test/demonized.sh | bash
* [x] Static D3m0n1z3dShell
* [x] ELF/Rootkit Anti-Reversing Technique
* [ ] PAM Backdoor
* [x] rc.local Persistence
* [x] init.d Persistence
* [x] motd Persistence
* [x] Persistence via ACL.
* [x] Reverse shell with a process name of your choice.
* [ ] Udev persistence.

And other types of features that will come in the future.

## Contribution

If you want to contribute and help with the tool, please contact me on twitter: @MatheuzSecurity

## Note

> We are not responsible for any damage caused by this tool, use the tool intelligently and for educational purposes only.