Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android), multi function RAT (Remote Administration Tool) and post-exploitation tool mainly written in python. It features a all-in-memory execution guideline and leaves very low footprint. Pupy can communicate using various transports, migrate into processes (reflective injection), load remote python code, python packages and python C-extensions from memory.
Pupy modules can transparently access remote python objects using rpyc to perform various interactive tasks.
Pupy can generate payloads in multiple formats like PE executables, reflective DLLs, pure python files, powershell, apk, … When you package a payload, you can choose a launcher (connect, bind, …), a transport (ssl, http, rsa, obfs3, scramblesuit, …) and a number of “scriptlets”. Scriptlets are python scripts meant to be embedded to perform various tasks offline (without requiring a session), like starting a background script, adding persistence, starting a keylogger, detecting a sandbox, …