Shellcreeper is a lightweight asynchronous C2 that communicates over http(s).

• Clone Shellcreeper
• cd shellcreeper
• npm install

$> ./shellcreeper --port 3000

Shellcreeper starts a webserver on port 3000 by default, but you can specify any other port via the --port parameter

You can optionally specify TLS info via --key --cert and --chain

Configure the payload of choice (see the payloads folder -- currently only python payloads are available) and give it a valid hostname/ip and port for your shellcreeper server

Once your payload is configured, you can either run it as is (on your victim) or use the b64encoder script to create a base64 encoded one liner.

python b64encoder.py payload.py

By default your first connection established will be the active shell session. Any command you enter (except for several reserved keywords we'll go over next) will task your current shell to perform an action.

session - Gets current session

You can change your session by entering set session <id>

Once you have an active session, the shell will check in roughly every 10 seconds. You can change the sleep time by entering sleep 30 with 30 being the number of seconds base the randomized sleep time from.

kill will tell the active session to kill itself.

Any other command entered will task the session to execute a system command of that value.