Chapter 7. Github Command and Control

One of the most challenging aspects of creating a solid trojan framework is asynchronously controlling, updating, and receiving data from your deployed implants. It’s crucial to have a relatively universal way to push code to your remote trojans. This flexibility is required not just to control your trojans in order to perform different tasks, but also because you might have additional code that’s specific to the target operating system.

So while hackers have had lots of creative means of command and control over the years, such as IRC or even Twitter, we’ll try a service actually designed for code. We’ll use GitHub as a way to store implant configuration information and exfiltrated data, as well as any modules ...

Get Black Hat Python now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.