reddit hackernews mail facebook facebook linkedin


Backdoor generator and multi-session handler for sessions sharing among connected sibling servers.

Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).

The framework's main features include:
- Payload generation based on default, customizable and/or user defined payload templates (Windows & Linux),
- A dynamically engaged pseudo-shell prompt that can quickly swift between shell sessions,
- File uploads (via http),
- Auto-http request & exec scripts against sessions (a bit unstable),
- Auto-invoke ConPtyShell against a powershell r-shell session as a new process to gain a fully interactive Windows shell,
- Team chat,
- Session Defender (a feature that inspects user issued commands for mistakes / unintentional input that may cause a shell to hang)