{"id":2475,"date":"2018-09-04T07:34:58","date_gmt":"2018-09-04T02:04:58","guid":{"rendered":"http:\/\/kalilinuxtutorials.com\/?p=2475"},"modified":"2018-09-04T07:34:58","modified_gmt":"2018-09-04T02:04:58","slug":"ghosttunnel","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/","title":{"rendered":"GhostTunnel &#8211; Backdoor Transmission Method That Can Be Used In An Isolated Environment"},"content":{"rendered":"<p><strong>GhostTunnel<\/strong> is a covert backdoor transmission method that can be used in an isolated environment. It can attack the target through the HID device only to release the payload agent, then the HID device can be removed after the payload is released.<\/p>\n<p>GhostTunnel use 802.11 Probe Request Frames and Beacon Frames to communicate and doesn&#8217;t need to establish a wifi connection. Exactly, it communicates by embedding data in beacon and probe requests. We publish the GhostTunnel server and windows agent implemented in c\/c++.<\/p>\n<p>The agent doesn&#8217;t need elevated privileges, it uses the system wifi api to send the probe request and receive the beacon. such as on windows, uses the Native WiFi API. So you can implement the corresponding agent on other platforms. The server runs on linux, you need one or two usb wifi card that supports monitor mode and packet injection to run it.<\/p>\n<p><strong><span class=\"td_btn td_btn_sm td_3D_btn\">Also Read<\/span>\u00a0<a href=\"https:\/\/kalilinuxtutorials.com\/getsploit-searching-downloading-exploits\/\" target=\"_blank\" rel=\"noopener\">Getsploit v0.2.2 \u2013 Command Line Utility For Searching And Downloading Exploits<\/a><\/strong><\/p>\n<h2><strong>Advantages Of GhostTunnel<\/strong><\/h2>\n<ol>\n<li>Covertness.<\/li>\n<li>No interference with the target\u2019s existing connection status and communications.<\/li>\n<li>Can bypass firewalls.<\/li>\n<li>Can be used to attack strictly isolated networks.<\/li>\n<li>Communication channel does not depend on the target\u2019s existing network connection.<\/li>\n<li>Allow up to 256 clients<\/li>\n<li>Effective range up to 50 meters<\/li>\n<li>Cross-Platform Support.<\/li>\n<li>Can be used to attack any device with wireless communication module, we tested this attack on Window 7 up to Windows 10, and OSX.<\/li>\n<\/ol>\n<h2><strong>How To Use<\/strong> <strong>?<\/strong><\/h2>\n<ul>\n<li>Server Only need one or two wireless network cards that supports packet injection and monitor mode, like TP-LINK TL-WN722N, Alfa AWUS036ACH. Usage:<\/li>\n<\/ul>\n<pre><span style=\"color: #008000;\"><strong><code><span style=\"color: #008000;\"> .\/ghosttunnel [interface]\n .\/ghosttunnel [interface1] [interface2]<\/span>\n\n <span style=\"color: #008000;\">COMMANDS:\n \tsessions = list all clients\n \tuse = select a client to operate, use [clientID]\n \texit = exit current operation\n \twget = download a file from a client, wget [filepath]\n \tquit = quit ghost tunnel\n \thelp = show this usage help<\/span><\/code><\/strong><\/span><\/pre>\n<ul>\n<li>Client Release the payload to the target system (only windows client published) and execute it.<\/li>\n<\/ul>\n<h2><strong>Implementation<\/strong><\/h2>\n<ul>\n<li>Shell command Create a remote shell.<\/li>\n<li>Download file The file maximum size limit is 10M and can only download one file at a time.<\/li>\n<li>You can add other functions as needed.<\/li>\n<\/ul>\n<h2><strong>Building<\/strong><\/h2>\n<h3 style=\"text-align: center;\"><strong>Server Requirements<\/strong><\/h3>\n<pre><code><span style=\"color: #008000;\"><strong>apt-get install pkg-config libnl-3-dev libnl-genl-3-dev<\/strong> \n<\/span><\/code><\/pre>\n<h3 style=\"text-align: center;\"><a id=\"user-content-compiling\" class=\"anchor\" href=\"https:\/\/github.com\/360PegasusTeam\/GhostTunnel#compiling\" aria-hidden=\"true\"><\/a><strong>Compiling<\/strong><\/h3>\n<pre><code><strong><span style=\"color: #008000;\">server:\n\tcd src\n\tmake\nwindows client:\n\tMicrosoft Visual Studio 2015<\/span> \n<\/strong><\/code><\/pre>\n<p><a href=\"https:\/\/github.com\/360PegasusTeam\/GhostTunnel\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-999\" src=\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/04\/button_download.png\" alt=\"\" width=\"141\" height=\"40\" \/><\/a><strong>Credit<\/strong> <strong>: Aircrack-ng, MDK4, hostapd &amp; Kismet <\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment. It can attack the target through the HID device only to release the payload agent, then the HID device can be removed after the payload is released. GhostTunnel use 802.11 Probe Request Frames and Beacon Frames to communicate and doesn&#8217;t [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[1327],"class_list":["post-2475","post","type-post","status-publish","format-standard","hentry","category-kali","tag-ghosttunnel"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>GhostTunnel - Backdoor Transmission Used In An Isolated Environment<\/title>\n<meta name=\"description\" content=\"GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment. It can attack the target through the HID device\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"GhostTunnel - Backdoor Transmission Used In An Isolated Environment\" \/>\n<meta property=\"og:description\" content=\"GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment. It can attack the target through the HID device\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2018-09-04T02:04:58+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/04\/button_download.png\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"GhostTunnel &#8211; Backdoor Transmission Method That Can Be Used In An Isolated Environment\",\"datePublished\":\"2018-09-04T02:04:58+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/\"},\"wordCount\":328,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/04\/button_download.png\",\"keywords\":[\"GhostTunnel\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/\",\"name\":\"GhostTunnel - Backdoor Transmission Used In An Isolated Environment\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/04\/button_download.png\",\"datePublished\":\"2018-09-04T02:04:58+00:00\",\"description\":\"GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment. It can attack the target through the HID device\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/#primaryimage\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/04\/button_download.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/04\/button_download.png\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"GhostTunnel - Backdoor Transmission Used In An Isolated Environment","description":"GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment. It can attack the target through the HID device","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/","og_locale":"en_US","og_type":"article","og_title":"GhostTunnel - Backdoor Transmission Used In An Isolated Environment","og_description":"GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment. It can attack the target through the HID device","og_url":"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2018-09-04T02:04:58+00:00","og_image":[{"url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/04\/button_download.png","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"GhostTunnel &#8211; Backdoor Transmission Method That Can Be Used In An Isolated Environment","datePublished":"2018-09-04T02:04:58+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/"},"wordCount":328,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/#primaryimage"},"thumbnailUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/04\/button_download.png","keywords":["GhostTunnel"],"articleSection":["Kali Linux"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/","url":"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/","name":"GhostTunnel - Backdoor Transmission Used In An Isolated Environment","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/#primaryimage"},"thumbnailUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/04\/button_download.png","datePublished":"2018-09-04T02:04:58+00:00","description":"GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment. It can attack the target through the HID device","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/ghosttunnel\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/ghosttunnel\/#primaryimage","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/04\/button_download.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/04\/button_download.png"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":5649,"url":"https:\/\/kalilinuxtutorials.com\/slackor-golang-implant-control-server\/","url_meta":{"origin":2475,"position":0},"title":"Slackor : A Golang Implant That Uses Slack As A Command &#038; Control Server","author":"R K","date":"July 8, 2019","format":false,"excerpt":"Slackor is a golang implant that uses Slack as a command and control server. This tool is released as a proof of concept. Be sure to read and understand the\u00a0Slack App Developer Policy\u00a0before creating any Slack apps. Setup Note: The server is written in Python 3 For this to work\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7829,"url":"https:\/\/kalilinuxtutorials.com\/betterbackdoor-backdoor-with-a-multitude-features\/","url_meta":{"origin":2475,"position":1},"title":"BetterBackdoor : A Backdoor With A Multitude Of Features","author":"R K","date":"December 26, 2019","format":false,"excerpt":"BetterBackdoor is a backdoor is a tool used to gain remote access to a machine. Typically, backdoor utilities such as NetCat have 2 main functions: to pipe remote input into cmd or bash and output the response. This is useful, but it is also limited. BetterBackdoor overcomes these limitations by\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":17479,"url":"https:\/\/kalilinuxtutorials.com\/bantam\/","url_meta":{"origin":2475,"position":2},"title":"Bantam : A PHP Backdoor Management And Generation tool\/C2 Featuring End To End Encrypted Payload Streaming Designed To Bypass WAF, IDS, SIEM Systems","author":"R K","date":"August 19, 2021","format":false,"excerpt":"Bantam is an advanced PHP backdoor management tool, with a lightweight server footprint, multi-threaded communication, and an advanced payload generation and obfuscation tool. Features end to end encryption with request unique encryption keys, and payload streaming designed to bypass WAF, IDS, SIEM systems. It incorporates several payload randomization and obfuscation\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":28246,"url":"https:\/\/kalilinuxtutorials.com\/villain\/","url_meta":{"origin":2475,"position":3},"title":"Villain : Windows And Linux Backdoor Generator And Multi-Session Handler","author":"R K","date":"January 30, 2023","format":false,"excerpt":"Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy for working as a team. The main idea behind the payloads generated by this tool is inherited from HoaxShell. One could\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhJLlxDl9TvXjKKo3h3uSGxhKeTpuEEa9gnUmCO_MbL65UHOCctumnTPcFt24j4B_u9Qdf9Yp_6n_H0NZODXwGl-5o3DJio_y3TEoA5EDCzV6d38-rfmoa0GsW-uuqOh8cEIR2fb2ak3e0mlG6ZgpjMOO35-KfqYKVmKLafc1qlF26da84D5ec7UUdG\/s721\/Villan%281%29.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhJLlxDl9TvXjKKo3h3uSGxhKeTpuEEa9gnUmCO_MbL65UHOCctumnTPcFt24j4B_u9Qdf9Yp_6n_H0NZODXwGl-5o3DJio_y3TEoA5EDCzV6d38-rfmoa0GsW-uuqOh8cEIR2fb2ak3e0mlG6ZgpjMOO35-KfqYKVmKLafc1qlF26da84D5ec7UUdG\/s721\/Villan%281%29.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhJLlxDl9TvXjKKo3h3uSGxhKeTpuEEa9gnUmCO_MbL65UHOCctumnTPcFt24j4B_u9Qdf9Yp_6n_H0NZODXwGl-5o3DJio_y3TEoA5EDCzV6d38-rfmoa0GsW-uuqOh8cEIR2fb2ak3e0mlG6ZgpjMOO35-KfqYKVmKLafc1qlF26da84D5ec7UUdG\/s721\/Villan%281%29.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhJLlxDl9TvXjKKo3h3uSGxhKeTpuEEa9gnUmCO_MbL65UHOCctumnTPcFt24j4B_u9Qdf9Yp_6n_H0NZODXwGl-5o3DJio_y3TEoA5EDCzV6d38-rfmoa0GsW-uuqOh8cEIR2fb2ak3e0mlG6ZgpjMOO35-KfqYKVmKLafc1qlF26da84D5ec7UUdG\/s721\/Villan%281%29.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":27573,"url":"https:\/\/kalilinuxtutorials.com\/sandman\/","url_meta":{"origin":2475,"position":4},"title":"Sandman : NTP Based Backdoor For Red Team Engagements In Hardened Networks","author":"R K","date":"November 8, 2022","format":false,"excerpt":"Sandman is a backdoor that is meant to work on hardened networks during red team engagements. Sandman works as a stager and leverages NTP (a protocol to sync time & date) to get and run an arbitrary shellcode from a pre-defined server. Since NTP is a protocol that is overlooked\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgP6RIdM3oDUYLqBZZkMcq4DkMge-5zdb7jy3aOOaLl9gCQkD11I2fXnfdvCUuI4mWRAIj188BtZ7YTDD_tIdzOn-cgn9MOWD7hiOYyUwkfXb9vkijOF16T3_kUNsUpr2TyudLzKHz9zGPBbTVmlfu9ZRyk27T3DJSnt03-mqQhkE71Id7o1TDyPOCt\/s728\/Sandman.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgP6RIdM3oDUYLqBZZkMcq4DkMge-5zdb7jy3aOOaLl9gCQkD11I2fXnfdvCUuI4mWRAIj188BtZ7YTDD_tIdzOn-cgn9MOWD7hiOYyUwkfXb9vkijOF16T3_kUNsUpr2TyudLzKHz9zGPBbTVmlfu9ZRyk27T3DJSnt03-mqQhkE71Id7o1TDyPOCt\/s728\/Sandman.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgP6RIdM3oDUYLqBZZkMcq4DkMge-5zdb7jy3aOOaLl9gCQkD11I2fXnfdvCUuI4mWRAIj188BtZ7YTDD_tIdzOn-cgn9MOWD7hiOYyUwkfXb9vkijOF16T3_kUNsUpr2TyudLzKHz9zGPBbTVmlfu9ZRyk27T3DJSnt03-mqQhkE71Id7o1TDyPOCt\/s728\/Sandman.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgP6RIdM3oDUYLqBZZkMcq4DkMge-5zdb7jy3aOOaLl9gCQkD11I2fXnfdvCUuI4mWRAIj188BtZ7YTDD_tIdzOn-cgn9MOWD7hiOYyUwkfXb9vkijOF16T3_kUNsUpr2TyudLzKHz9zGPBbTVmlfu9ZRyk27T3DJSnt03-mqQhkE71Id7o1TDyPOCt\/s728\/Sandman.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":1105,"url":"https:\/\/kalilinuxtutorials.com\/drozer-security-testing-framework\/","url_meta":{"origin":2475,"position":5},"title":"Drozer &#8211; Android Leading Security Testing Framework","author":"R K","date":"April 30, 2018","format":false,"excerpt":"Drozer (once in the past Mercury) is the main security testing framework for Android. It enables you to scan for security vulnerabilities in applications and devices by expecting the part of an application and cooperating with the Dalvik VM, other applications' IPC endpoints and the basic OS. It gives apparatuses\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/04\/button_download.png?resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/2475","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=2475"}],"version-history":[{"count":0,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/2475\/revisions"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=2475"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=2475"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=2475"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}