byt3bl33d3r / SILENTTRINITY

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
GNU General Public License v3.0
2.2k stars 405 forks source link
boolang c-sharp dotnet dotnet-dlr dotnet-script ironpython post-exploitation python3 red-teams security-tools

SILENTTRINITY

ST

SILENTTRINITY is modern, asynchronous, multiplayer & multiserver C2/post-exploitation framework powered by Python 3 and .NETs DLR. It's the culmination of an extensive amount of research into using embedded third-party .NET scripting languages to dynamically call .NET API's, a technique the author coined as BYOI (Bring Your Own Interpreter). The aim of this tool and the BYOI concept is to shift the paradigm back to PowerShell style like attacks (as it offers much more flexibility over traditional C# tradecraft) only without using PowerShell in anyway.

Some of the main features that distinguish SILENTTRINITY are:

Call for Contributions

I'm just one person developing this mostly in my spare time, I do need to have a life outside of computers (radical idea, I know).

This means that if anyone finds this tool useful and would like to see X functionality added, the best way to get it added is to submit a Pull Request.

Be the change you want to see in the world!

As of the time of writing the most useful thing you can contribute are post-ex modules: this would allow me to concentrate efforts on the framework itself, user experience, QOL features etc...

To do this, you're going to have to learn the Boo programming language (the Boo wiki is amazing and has everything you'd need to get started), if you know Python you'll find yourself at home :).

Check out some of the existing modules, if you've written an Empire module before you'll see its very similar. Finally you can start porting over post-ex modules from other C2 frameworks such as Empire.

Documentation, Setup & Basic Usage

The documentation is a work in progress but some is already available in the Wiki.

See here for install instructions and here for basic usage.

I recommend making wild use the help command and the -h flag :)

Author

Marcello Salvati (@byt3bl33d3r)

Acknowledgments, Contributors & Involuntary Contributors

(In no particular order)