# darklink
A tool to quickly transfer a file to or from a compromised system during security assessments.
## Features
Unlike `python3 -m http.server`, darklink will:
- Generate the command for you to copy and paste on the compromised host.
- Expose only the specific file you want to transfer, rather than the entire working directory.
- Automatically fetch and transfer the latest versions of commonly used tools (e.g., winPEAS, linPEAS, mimikatz).
- Allow you to exfiltrate files from the compromised host to your machine.
![Tool Transfer](./docs/screenshots/drop-tool.png)
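
The difference between serving one file and serving the whole working directory can be shown with the standard library alone. The sketch below is an added example, not darklink's own code; `make_single_file_handler`, `serve_single_file`, the random URL token and the loopback bind address are assumptions made for illustration.

```python
import http.server
import secrets
import threading
from pathlib import Path
from urllib.parse import quote


def make_single_file_handler(file_path: Path, token: str):
    """Build a handler class that serves exactly one file at /<token>/<name>."""
    payload = file_path.read_bytes()  # read once; nothing else on disk is reachable
    allowed = f"/{token}/{quote(file_path.name)}"

    class SingleFileHandler(http.server.BaseHTTPRequestHandler):
        def do_GET(self):
            # Exact match against one known path. The request path is never
            # joined to a directory, so "../" tricks have nothing to act on.
            if not secrets.compare_digest(self.path.encode(), allowed.encode()):
                self.send_error(404)
                return
            self.send_response(200)
            self.send_header("Content-Type", "application/octet-stream")
            self.send_header("Content-Length", str(len(payload)))
            self.end_headers()
            self.wfile.write(payload)

    return SingleFileHandler, allowed


def serve_single_file(file_path, host="127.0.0.1", port=0):
    """Start a background server; return (server, url_path) for the one file.

    host and port are illustrative defaults: port=0 lets the OS pick a free port.
    """
    token = secrets.token_urlsafe(16)  # unguessable path component
    handler, url_path = make_single_file_handler(Path(file_path), token)
    server = http.server.ThreadingHTTPServer((host, port), handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, url_path
```

With `python3 -m http.server`, every file under the current directory is listable and downloadable; here any request other than the exact token path returns 404, and the default request log still records each attempt.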
## Install
```bash
pip3 install darklink
```
## Usage
- Transferring a file
```bash
darklink drop --file ./exploits/gameoverlay.sh
```
- Transferring one of the provided tools
```bash
darklink drop --tool sharphound
darklink drop --tool linpeas
darklink drop --tool chisel --platform linux
darklink drop --tool chisel --platform windows --arch 386
```
- Exfiltration
```bash
darklink exfil --file 20240302144505_BloodHound.zip
```
### Provided tools
| Tool | Description |
| ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------- |
| chisel | Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH. |
| LaZagne | The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. |
| LinEnum | Scripted Local Linux Enumeration & Privilege Escalation Checks. |
| mimikatz | A little tool to play with Windows security. It's now well known to extract plaintext passwords, hashes, PIN codes and Kerberos tickets from memory. |
| winPEAS | Windows local Privilege Escalation Awesome Script. |
| linPEAS | Linux local Privilege Escalation Awesome Script. |
| PrivescCheck | Privilege Escalation Enumeration Script for Windows. |
| pspy | Monitor Linux processes without root permissions. |
| RunasCs | RunasCs is a utility to run specific processes with different permissions than the user's current logon provides using explicit credentials. |
| SharpHound | C# Data Collector for BloodHound. |
| AccessChk | AccessChk is a command-line tool for viewing the effective permissions on files, registry keys, services, processes, kernel objects, and more. |
| Procdump | This command-line utility is aimed at capturing process dumps of otherwise difficult to isolate and reproduce CPU spikes. |
| PsExec | Execute processes on remote systems. |
Raw data
{
"_id": null,
"home_page": "https://github.com/vedard/darklink",
"name": "darklink",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.11,<4.0",
"maintainer_email": "",
"keywords": "security,pentesting,ctf,tool",
"author": "vedard",
"author_email": "",
"download_url": "https://files.pythonhosted.org/packages/b0/2e/70667131d8fb20b3d028bca8a5c5a523ba60f7374d045ebc002c648da7dc/darklink-1.0.0.tar.gz",
"platform": null,
"bugtrack_url": null,
"license": "GPL-3.0-only",
"summary": "A tool to quickly transfer a file to or from a compromised system",
"version": "1.0.0",
"project_urls": {
"Homepage": "https://github.com/vedard/darklink"
},
"split_keywords": [
"security",
"pentesting",
"ctf",
"tool"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "af0c4c58f97fbba600ce025daea6b6c98bb206c8048fd32c234e5c3cae63d960",
"md5": "bc5a54591ec73b6d936d708521a0668b",
"sha256": "0b81b6319cae59381e737de29f5eae84483af2b64d50e05d56b626bceb3cfc6a"
},
"downloads": -1,
"filename": "darklink-1.0.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "bc5a54591ec73b6d936d708521a0668b",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.11,<4.0",
"size": 23372,
"upload_time": "2024-03-07T04:08:36",
"upload_time_iso_8601": "2024-03-07T04:08:36.607582Z",
"url": "https://files.pythonhosted.org/packages/af/0c/4c58f97fbba600ce025daea6b6c98bb206c8048fd32c234e5c3cae63d960/darklink-1.0.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "b02e70667131d8fb20b3d028bca8a5c5a523ba60f7374d045ebc002c648da7dc",
"md5": "00263af1184626164e814fb9f6e66d2b",
"sha256": "4965fe0856a0380097b562c750d2308385909fada604bc29790d02263ba6f939"
},
"downloads": -1,
"filename": "darklink-1.0.0.tar.gz",
"has_sig": false,
"md5_digest": "00263af1184626164e814fb9f6e66d2b",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.11,<4.0",
"size": 18617,
"upload_time": "2024-03-07T04:08:38",
"upload_time_iso_8601": "2024-03-07T04:08:38.726353Z",
"url": "https://files.pythonhosted.org/packages/b0/2e/70667131d8fb20b3d028bca8a5c5a523ba60f7374d045ebc002c648da7dc/darklink-1.0.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-03-07 04:08:38",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "vedard",
"github_project": "darklink",
"github_not_found": true,
"lcname": "darklink"
}