Pupy
Pupy is a versatile, cross-platform (Windows, Linux, OSX, Android) remote administration tool (RAT) and post-exploitation framework primarily written in Python and C. It emphasizes in-memory execution to minimize its footprint.
Key features include:
- In-Memory Execution: Windows payloads load the Python interpreter directly from memory, avoiding disk writes.
- Multi-Transport Communication: Supports modular and stackable communication transports, including HTTP, AES, and XOR.
- Reflective Process Migration: Enables migration into other processes.
- Remote Module Loading: Allows importing Python packages and C extensions from memory.
- Interactive Shells: Provides interactive Python shells with auto-completion on remote interpreters, as well as remote command-line shells with full TTY support.
- Payload Generation: Generates payloads in various formats, including executables, DLLs, and Python one-liners.
- Scriptlets: Embeds scriptlets in payloads for offline task execution.
Use cases:
- Penetration testing and red teaming.
- Remote system administration.
- Post-exploitation activities.