README
¶
XMT: eXtensible Malware Toolkit
XMT is a full featured C2 framework written in Golang that allows for control, data exfiltration and some other cool functions. Can be used to make full C2 clients/servers with little out-of-the-box changes.
ThunderStorm would be an implementation of this.
The pkg.go.dev site has the framework documentation here.
TODO
These are some things I need to work on.
- Keyloging
- MultiProxy Support
- Shellcode for Linux without CGO (potentially)
- Add in memory (Reflective) DLL injection (Outside of SRDi)
- ScreenShot support for MacOS/Linux without CGO?
- More Windows thread creation techniques besides NtCreateThreadEx
Bugs
Issues that I know are broken. If you're using this, feel free to submit issue tickets or pull requests. (I don't bite, mostly owo)
Thanks and Credits
- Package Monkey by @skx github.com/skx/monkey
- Package Otto by @robertkrimen github.com/robertkrimen/otto
- Intern method by @bradfitz tailscale.com/blog/netaddr-new-ip-type-for-go/
- Also the IP struct code and info.
- mTLS insights by @kofoworola kofo.dev/how-to-mtls-in-golang
- DLL loader by @monoxgas github.com/monoxgas/sRDI
- Initial idea for MiniDump/DLL Reload by the Sliver C2 framework github.com/BishopFox/sliver/
- Untrust idea by @zha0gongz1 golangexample.com/...
Licenses
XMT is covered by the GNU GPLv3 License
Directories
¶
| Path | Synopsis |
|---|---|
|
Package c2 is the primary Command & Control (C2) endpoint for creating and managing a C2 Session or spinning up a C2 service.
|
Package c2 is the primary Command & Control (C2) endpoint for creating and managing a C2 Session or spinning up a C2 service. |
|
cfg
Package cfg is used to generate Binary versions of C2 Profiles and can be used to create automatic Profile 'Groups' with multiple communication and encoding types to be used by a Single session.
|
Package cfg is used to generate Binary versions of C2 Profiles and can be used to create automatic Profile 'Groups' with multiple communication and encoding types to be used by a Single session. |
|
cout
Package cout is a simple log handeling solution for the c2 package.
|
Package cout is a simple log handeling solution for the c2 package. |
|
task
Package task is a simple collection of Task based functions that cane be tasked to Sessions by the Server.
|
Package task is a simple collection of Task based functions that cane be tasked to Sessions by the Server. |
|
wrapper
Package wrapper is a simple container package for c2 Wrapper types.
|
Package wrapper is a simple container package for c2 Wrapper types. |
|
filter
Package filter is a separate container for the 'Filter' struct that can be used to target a specific process or one that matches an attribute set.
|
Package filter is a separate container for the 'Filter' struct that can be used to target a specific process or one that matches an attribute set. |
|
script
Package script contains Script engines in separate packages to prevent loading if not needed/included.
|
Package script contains Script engines in separate packages to prevent loading if not needed/included. |
|
crypto/subtle
Package subtle is similar to the 'cipher/subtle', only needed for very specific crypto operations.
|
Package subtle is similar to the 'cipher/subtle', only needed for very specific crypto operations. |
|
evade
Package evade is a package that contains functions that can be used to evade detection and disrupt defender tactics.
|
Package evade is a package that contains functions that can be used to evade detection and disrupt defender tactics. |
|
Package man is the implementation of the Guardian and Sentinel structs.
|
Package man is the implementation of the Guardian and Sentinel structs. |
|
Package util is a very generic package that is used to contain simple functions that may be used in multiple packages, such as the simple random number generator.
|
Package util is a very generic package that is used to contain simple functions that may be used in multiple packages, such as the simple random number generator. |
|
bugtrack
Package bugtrack enables the bug tracking system, which is comprised of a global logger that will write to Standard Error and on the filesystem in a temporary directory, "$TEMP" in *nix and "%TEMP%" on Windows, that is named "bugtrack-<PID>.log".
|
Package bugtrack enables the bug tracking system, which is comprised of a global logger that will write to Standard Error and on the filesystem in a temporary directory, "$TEMP" in *nix and "%TEMP%" on Windows, that is named "bugtrack-<PID>.log". |
|
text
Package text is a simple package for generating random string values with complex requirements and regular expressions.
|
Package text is a simple package for generating random string values with complex requirements and regular expressions. |
|
xerr
Package xerr is a simplistic (and more efficient) re-write of the "errors" built-in package.
|
Package xerr is a simplistic (and more efficient) re-write of the "errors" built-in package. |
|
xmt-device
module
|
Click to show internal directories.
Click to hide internal directories.