Skip to content

ChaitanyaHaritash/IllusiveFog

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
client
client
 
 
docs
docs
 
 
srvfin
srvfin
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
banner.png
banner.png
 
 

Repository files navigation

Socks5 Proxy Based Administrator-Level ImplantKit for windows. | Written in purely Python 2.7, C & C++.

.___.__  .__               .__            ___________            
|   |  | |  |  __ __  _____|__|__  __ ____\_   _____/___   ____  
|   |  | |  | |  |  \/  ___/  \  \/ // __ \|    __)/  _ \ / ___\ 
|   |  |_|  |_|  |  /\___ \|  |\   /\  ___/|     \(  <_> ) /_/  >
|___|____/____/____//____  >__| \_/  \___  >___  / \____/\___  / 
                        \/              \/    \/       /_____/

Information:

IllusiveFog is an implantkit for Microsoft Windows based network for long term stealthy access and recon.

Documenation:

Features:

Help Menu:

Help Menu:
=========
resetdb 			- Reset/Empty DataBase to Fresh.
help 				- Help Menu.
listold 			- List about old victims.
interact 			- Interact with Victim.
exit 	 			- Exit.

Victim Interaction Capabilities:

Victim Interaction Capabilities:
===============================

info  				- Information about victim.
list				- List all victims.
jobs				- List all active jobs.
jobdel				- Delete any active Job.
remove				- Remove Victim from database.

shell 				- Command to be executed on Victim Machine's Shell.
persistence			- Install/Uninstall Persistence on Victim.
injShellcode			- Inject Shellcode on Victim Machine.
selfSocks5			- Turn Victim into a Socks5 Proxy itself.
VerboseRecon		        - Verbose Recon On infected victim.
VTLook				- Check if Binaries are submitted on Virustotal.
Load				- Load EXE/DLL on Infected Host.
ETW				- Perform operations on ETW.
EVTX			 	- Perform Operations on EVTX. 
UnldPlug			- Unload a plugin.
Keylogger			- Keylogger.
FetchFile			- Steal files from Victim.
ProcessCamouflage  		- Steal attributes of any target executable.  
Cleanup				- Close Connection with Victim. (Complete Removal)

back  				- Back to the main Menu.

Consent:

"The creators (@bofheaded & @veil_ivy) of the project (IllusiveFog) will not be responsible for any usecase of this project by any user. User shall be responsible usage of the code."

This project was made with a mindset of hobbyist back in 2019-2021 to learn more about Windows internals and detection mechanisams having inspiration from open-source and commercially available C2/Implant frameworks with extensive understanding of offensive toolings to implement something homebrewed.

  • Kindly consider it for educational purposes
  • This project is no longer maintained.
  • There could be some parts of code routine which might require reverse-engineering and make them work (This is intentionally done).

LICENSE:

MIT-LICENSE

About

Windows Administrator level Implant.

Topics

python c windows cpp dfir offensive-security c2 attack-defense command-and-control implant defensive-security detection-engineering

Resources

Readme

License

MIT license
Activity

Stars

32 stars

Watchers

1 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages