T2B - Cross-Platform Post Exploitation Toolkit


This project aims to administrate a network of compromised hosts, keeping your identity private (thanks to Tor) and your connections secure (thanks to TLS/SSL). For many times botnets get stuck because the main servers became compromised, but this framework will let you keep yours C&C safe and alive (well, this will do its best).
Another problem is that you let unauthorized users to reach your server, even without the cert or whatever. If I now your hostname/IP/whatever I can reach you. But Tor has the solution (that, as far as I know, clearnet hasn't). I'm referring to HiddenServiceAuthorizeClient and HidServAuth, if you set these properly, see here, your Master server will be more stealth than ever and it won't suffer ddos attack, or any other type of it. Because this is a feature of Tor, of the protocol and not of the software (T2B-framework). So from now on, you'll setup a "firewall" between you (Master) and your bots. The new firewall will be just a node from you and your bots, that will filter "legit" client from attackers. But for this we all will wait. News are coming, changes are coming.



  • Install Tor and initialize a HS
  • Generate a S.S.C. (Self-Signed-Certificate) with Openssl (you can use the priv key of the HS)
  • Modify the variables of the S.C. as you like (host, port, etc..)
  • Install GEOIP2, and download the database
  • run pip install -r requirements
  • Install external (github) dependencie
Powered by Blogger.