transform

package
v0.0.1 Latest
Warning

This package is not in the latest version of its module.
Published: Jun 10, 2021 License: GPL-3.0 Imports: 6 Imported by: 0

Documentation

Constants

const Base64 = b64(0)

Base64 is a transform that automatically converts the data to and from Base64 encoding. This instance does not include any shifting.

Variables

var (
	// DNS is the standard DNS Transform struct. This struct uses the default DNS names contained
	// in 'DefaultDomains' to spoof DNS packets. Custom options may be used by creating a new DNS struct or
	// updating the 'Domains' property.
	DNS = new(DNSClient)

	// DefaultDomains is an array of DNS names to be used if the 'Domains' property of a DNS struct is empty.
	DefaultDomains = []string{
		"duckduckgo.com",
		"google.com",
		"microsoft.com",
		"amazon.com",
		"cnn.com",
		"youtube.com",
		"twitch.tv",
		"reddit.com",
		"facebook.com",
		"slack.com",
	}

	// ErrInvalidLength is an error raised by the Read and Write functions
	// if the byte array supplied is smaller than the required byte size to
	// Transform into a DNS packet.
	ErrInvalidLength = xerr.New("length of byte array is invalid")
)

Functions

This section is empty.

Types

type DNSClient

type DNSClient struct {
	Domains []string
	// contains filtered or unexported fields
}

DNSClient is a Transform struct that attempts to mask C2 traffic in the form of DNS request packets.

func (*DNSClient) Read

func (d *DNSClient) Read(w io.Writer, b []byte) error

Read satisfies the Transform interface requirements.

func (*DNSClient) Write

func (d *DNSClient) Write(w io.Writer, b []byte) error

Write satisfies the Transform interface requirements.

TODO: Write a checksum function to calculate the valid DNS checksum of the packet (structure is OK, but Wireshark shows no checksum code). -idf

type Value

type Value interface {
	Read(io.Writer, []byte) error
	Write(io.Writer, []byte) error
}

Value is an interface that can modify the data BEFORE it is written or AFTER it is read from a Connection. Transforms may be used to mask and unmask communications as benign protocols such as DNS, FTP or HTTP. This is just a compatibility interface to prevent import dependency cycles.

func Base64Shift

func Base64Shift(n int) Value

Base64Shift returns a Base64 Transform that also shifts the bytes by the specified amount before writes and after reads. This is useful for evading detection by avoiding commonly flagged Base64 values.
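
A defender-side check for the shifted encoding described above, added here as an example and not part of this package or its documentation: it decodes captured Base64 text and tries all 256 byte shifts, looking for a known file marker that a static Base64 signature would miss. It assumes the shift is a per-byte addition modulo 256 applied to the data before encoding, which this page does not specify; `FindShift`, the marker list and the sample strings are constructed for illustration.

```go
package main

import (
	"bytes"
	"encoding/base64"
	"fmt"
)

// markers are plaintext prefixes that content signatures commonly key on
// (constructed list for this example).
var markers = [][]byte{[]byte("MZ"), []byte("#!/"), []byte("\x7fELF")}

// FindShift decodes Base64 text and tries every byte shift (0-255), returning
// the first shift whose output starts with a known marker.
// Assumption: the shift is a per-byte addition modulo 256 applied to the data
// before encoding; the page does not specify the arithmetic.
func FindShift(encoded string) (shift int, plain []byte, ok bool) {
	raw, err := base64.StdEncoding.DecodeString(encoded)
	if err != nil {
		return 0, nil, false // not standard Base64 at all
	}
	out := make([]byte, len(raw))
	for s := 0; s < 256; s++ {
		for i, c := range raw {
			out[i] = c - byte(s) // undo the assumed shift; wraps modulo 256
		}
		for _, m := range markers {
			if bytes.HasPrefix(out, m) {
				return s, out, true
			}
		}
	}
	return 0, nil, false
}

func main() {
	// Constructed samples: "MZ\x90\x00" encoded as-is, and the same bytes
	// shifted by 7 before encoding. Only the first contains the "TVqQ"
	// prefix that a static Base64 signature for PE files looks for.
	for _, sample := range []string{"TVqQAA==", "VGGXBw==", "AAAA"} {
		s, p, ok := FindShift(sample)
		fmt.Printf("%-10s match=%-5v shift=%-3d plain=%q\n", sample, ok, s, p)
	}
}
```

Matching on decoded content after normalising the shift, rather than on fixed Base64 substrings, keeps a content rule effective against this transform.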
