Releases: iss4cf0ng/DuplexSpyCS

DuplexSpy v2.0.0

06 Feb 10:27
09c7d36

DuplexSpy v2.0.0 is now available.

Murmur

As a college student, developing a GUI-based remote access tool entirely on my own—and performing proper quality assurance (QA)—has been a significant challenge. Due to limited time, experience, and resources, this project may still contain defects or design flaws that I have not yet discovered. Nevertheless, I believe I have successfully built a RAT that incorporates a wide range of offensive techniques and practical features.

If you find this project helpful or informative, I would truly appreciate a ⭐ on the repository. Your support would be a great motivation for me to continue improving this tool.

Introduction

DuplexSpy is an open-source Windows RAT for learning offensive security techniques. It incorporates features inspired by other tools as well as my own personal experience. Compared to the previous version, I removed several features that I considered unnecessary and added a number of new ones. Throughout this development process, I learned a great deal, and I sincerely hope that this project can be useful to others who are interested in offensive security or malware research.

If you encounter any issues or have suggestions, please feel free to open an issue on the repository page.

Documents

The online documents are here:

  • DuplexSpy
  • Fileless Execution
  • DLL and shellcode injector and loader
  • Remote Plugin
  • Proxy

Disclaimer

This project was developed out of personal interest in cybersecurity research and education.
It must not be used for illegal or unauthorized activities.
The author is not responsible for any misuse of this software.

Warning

Your antivirus software may detect and automatically delete certain files (such as shellcode text files used for demonstration purposes). This behavior is expected.

New Features

  • SOCKS5 Proxy
    Network traffic (e.g., YouTube streaming or SSH sessions) can be forwarded through a compromised machine. Click this to learn more about this feature.

  • UAC Prompt

  • Maximum files/folders warning: This feature prevents performance issues when opening folders with a large number of files and folders (e.g., C:\Windows\System32\).

  • Task Manager

    • Regex-based search bar
  • Connection Info

    • Regex-based search bar
  • Interactive shell “Urge” mode for HTTP tunneling

  • Plugins (Click this to learn more about this feature)

    • Chrome
      • Decrypt Chrome cookies
    • Firefox
      • Extract browsing history
      • Extract cookies
      • Extract stored credentials
    • Simple MobaXterm Dumper
  • Shellcode Injection (Click this to learn more about this feature)

    • APC
    • EarlyBird
    • CreateRemoteThread
    • NtCreateThreadEx
    • ZwCreateThreadEx
  • DLL Injection (Click this to learn more about this feature)

    • APC
    • EarlyBird
    • CreateRemoteThread
    • NtCreateThreadEx
    • ZwCreateThreadEx
  • Shellcode Loader (Click this to learn more about this feature)

  • DLL Loader (Click this to learn more about this feature)

  • PE Loader (Fileless Execution, see this)

    • x64 PE
    • x86 PE
  • DNS Resolution

    • Uses the first IPv4 address from DNS resolution results
  • Virtual Terminal (Interactive shell; this feature is inspired by MobaXterm. Click here to see what it looks like)

  • Basic Remote Plugins

    • Basic InfoSpyder
    • Browser Dumper
      • Chrome (v10)
  • Multiple Listener Support

    • TLS
    • HTTP

Problems Solved

  • Column width issues

  • Screen display errors with multiple online machines

  • Multi-Desktop display issues

  • File transfer issues:

    • Incorrect percentage display
    • Data corruption due to byte array misuse
    • Improved transfer algorithm and data structures
  • Terminal resize issues

  • File transfer progress display errors

  • Registry Editor refresh issues

  • UI rendering issues

  • Errors when reusing the virtual terminal

  • TLS-related errors

  • WQL console command issues

  • FunStuff

    • Toggle
      • Mouse trails
    • Wallpaper modification failure
    • Desktop icons not hiding correctly
    • Improved randomness of “Crazy Mouse”
    • Incorrect hWnd value display
  • Multi-URL issues

  • Multi-RunScript issues

  • Multi-LockScreen issues

DuplexSpy v1.0.0

15 Jul 12:37
a158c2e

New

Implant Payload

  • Small
  • Tipoff

File Manager

  • Create ShortCut

Improvement

Payload

  • DNS resolver

File Manager

  • View Image

In next version (2.0.0)

  • Remote Plugin (Browser Dumper/AD Explorer maybe?/Database Manager maybe?)
  • More Listener (HTTP/DNS)

DuplexSpyCS V0.1

15 Apr 08:45

Notice

This is the test version.