id: pupyc2 info: name: PupyC2 - Detect author: pussycat0x severity: info description: | Pupy is a cross-platform, multi function RAT and post-exploitation tool mainly written in python. It features an all-in-memory execution guideline and leaves a very low footprint. Pupy can communicate using multiple transports, migrate into processes using reflective injection, and load remote python code, python packages and python C-extensions from memory. reference: - https://twitter.com/TLP_R3D/status/1654038602282565632 - https://github.com/n1nj4sec/pupy metadata: max-request: 1 shodan-query: aa3939fc357723135870d5036b12a67097b03309 verified: true tags: c2,ir,osint,pupyc2,panel http: - method: GET path: - '{{BaseURL}}' matchers-condition: and matchers: - type: word part: header words: - 'Etag: "aa3939fc357723135870d5036b12a67097b03309"' - type: status status: - 200 # digest: 4a0a00473045022057d29d7d97cb13a9a35b89dfe318ef030a1df69dbfd1e8a21132fcc0e64b69e2022100bb254b2c1afde50e7e251ed8126e89f75d49eb9b91445812280bf608165ce082:922c64590222798bb761d5b6d8e72950