Lycanthropy is a modular post-exploitation tool instrumented with DNS and written in Java, with a distributable client to enable collaborative Red Teaming and Penetration Testing.
- DNS communication with AES-GCM-256 encryption via AAAA lookup
- Ephemeral final config and per-build password distribution
- C2 access management
- Per engagement data partitioning system
- Distributable client for collaborative testing
- New GUI (NOTE: The new gui is better on windows than in a linux graphical interface)
When a lycanthropy agent is executed on a target, it uses recursive lookups to route back to the DNS C2. The DNS daemon ingests and parses the requests before forwarding them onto the API backend or storing them as necessary. The API backend stores data, provides authentication and authorization, brokers configuration and package distribution, and distributes command tasks to the agents via the DNS daemon. Operators and managers send instructions to the server and receive direct output via the gui.
For quick installation, run the following. It is recommended that you turn off command line history before running the installer.sh script.
git clone https://github.com/kryptops/lycanthropy
cd lycanthropy
./installer.sh -u <UI admin username> -p <UI admin password> -d <<subdomain>.<domain>.<tld>>
cd svc
python3 lysys.py
On an install that can access the api server (or from a terminal on the api server), run...
cd svc
python3 ui.py
Special thanks to @romz0mbie, who prototyped the logo for lycanthropy