33 lines
987 B
YAML
33 lines
987 B
YAML
id: pupyc2
|
|
|
|
info:
|
|
name: PupyC2 - Detect
|
|
author: pussycat0x
|
|
severity: info
|
|
description: |
|
|
Pupy is a cross-platform, multi function RAT and post-exploitation tool mainly written in python. It features an all-in-memory execution guideline and leaves a very low footprint. Pupy can communicate using multiple transports, migrate into processes using reflective injection, and load remote python code, python packages and python C-extensions from memory.
|
|
reference:
|
|
- https://twitter.com/TLP_R3D/status/1654038602282565632
|
|
- https://github.com/n1nj4sec/pupy
|
|
metadata:
|
|
verified: true
|
|
max-request: 1
|
|
shodan-query: aa3939fc357723135870d5036b12a67097b03309
|
|
tags: c2,ir,osint,pupyc2,panel
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- '{{BaseURL}}'
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: header
|
|
words:
|
|
- 'Etag: "aa3939fc357723135870d5036b12a67097b03309"'
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|