Skip to content

JoelGMSec/NekoDNS

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
LICENSE
LICENSE
 
 
NekoDNS.png
NekoDNS.png
 
 
NekoDNS.ps1
NekoDNS.ps1
 
 
NekoDNS.py
NekoDNS.py
 
 
NekoDNS.sh
NekoDNS.sh
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

NekoDNS

NekoDNS

Experimental Reverse DNS Shell

NekoDNS is an experimental tool that leverages DNS resolutions to establish a Reverse Shell over DNS.
Communication is performed through DNS queries (AAAA/A records) that carry commands and responses as fragmented and reversed hexadecimal data, making detection by automated tools very difficult. The project provides a server (Python) and clients in Bash (Linux) and PowerShell (Windows) to support different environments.

✨ Features

  • 🔍 Evasion: Random data and domains in each request (-random)
  • Flow control: Adjustable chunk size and sleep interval (-l, -i)
  • 📂 File management: Built-in upload/download support
  • 💻 Cross-platform: Linux (Bash) and Windows (PowerShell) clients
  • 🐱 Fully integrated into Kitsune (https://github.com/JoelGMSec/Kitsune)
  • 🔑 Privilege escalation support with sudo/su in Linux
  • 📜 Import PowerShell scripts directly on Windows clients (import-ps1)

⚙️ Requirements

  • Python 3 + install requirements.txt
  • Bash + dig + xxd (for Linux client)
  • PowerShell 4.0 (for Windows client)

Install dependencies:

pip install -r requirements.txt

🚀 Usage

python3 NekoDNS.py -h             

  _   _      _         ____  _   _ ____  
 | \ | | __ | | __ __ |  _ \| \ | / ___| 
 |  \| |/ _ \ |/ / _ \| | | |  \| \___ \ 
 | |\  |  __/   < (_) | |_| | |\  |___) |
 |_| \_|\___|_|\_\___/|____/|_| \_|____/ 
                                         
                                               
  ----------- by @JoelGMSec -----------

[!] Usage: python3 NekoDNS.py <listen_ip> <listen_port> <-udp/-tcp>

Arguments:

  • <listen_ip> → IP address to listen (0.0.0.0 by default)
  • <listen_port> → Port to listen (53 by default)
  • <-udp/-tcp> → Protocol to use (UDP or TCP)

Available Commands:

  • upload → Upload a file from local to remote computer
  • download → Download a file from remote to local computer
  • import-ps1 → Import PowerShell script on Windows hosts
  • sudo → Execute with sudo privileges on Linux hosts
  • clear/cls → Clear terminal screen
  • kill → Kill client connection
  • exit → Exit from program

📸 Screenshots

image

🗂️ Documentation

The detailed guide of use can be found at the following link:

https://darkbyte.net/nekodns-jugando-con-dns-una-vez-mas

📄 License

This project is licensed under the GNU GPL-3.0 license - See the LICENSE file for more details.

👨‍💻 Contact

For more information, you can find me on Twitter as @JoelGMSec

Other ways to contact me on my blog darkbyte.net

⚠️ Disclaimer

This software comes with no warranty, exclusively for educational purposes and authorized security audits.

The author is not responsible for any misuse or damage caused by this software.

☕ Support

Support my work by buying me a coffee:

buymeacoffe

About

Experimental Reverse DNS Shell

darkbyte.net

Topics

shell dns random domain hacking reverse redteam

Resources

Readme

License

GPL-3.0 license
Activity

Stars

14 stars

Watchers

0 watching

Forks

2 forks
Report repository

Contributors

Languages