SpaceCow – Python Rootkit

For my #rootkit now it can modify the source #IP on #kernel mode such a windows #API does.

Then #encrypted traffic and persistence using Windows #Services. Capable of #cmd and #powershell command execution in runtime retrieving the #payload on the remote server.

#Spacecow the rootkit (c&c), this will be useful for #RedTeam post exploitation ops. If anyone interested of the sources I’ll upload soon the project.

Leave a Reply

Your email address will not be published. Required fields are marked *