Shadow Workers

Info

Shadow Workers is a free and open source C2 and proxy designed for penetration testers to help in the exploitation of XSS and malicious Service Workers (SW). A successful exploitation allows you to browse on the targeted application as the victim(s), as long as the SW (agent) is active. A victim does not have to have a browser tab open in the application for the agent to be active.

How to use

Shadow Workers Site

TrustedSec Blog posts on the tool:

https://www.trustedsec.com/blog/persistence-through-service-workers-part-1-introduction-and-target-application-setup

https://trustedsec.com/blog/persistence-through-service-workers-part-2-c2-setup-and-use

Authors

License

This tool is released under the MIT License.

Name		Name	Last commit message	Last commit date
Latest commit History 89 Commits
app		app
database		database
migrations		migrations
.gitignore		.gitignore
.python-version		.python-version
MIT-LICENSE		MIT-LICENSE
Modules.md		Modules.md
README.md		README.md
agent.py		agent.py
c2.py		c2.py
config.py		config.py
requirements.txt		requirements.txt
start.sh		start.sh
sw_mitm.py		sw_mitm.py

License

shadow-workers/shadow-workers

Folders and files

Latest commit

History

Repository files navigation

Shadow Workers

Info

How to use

Authors

License

About

Topics

Resources

License

Stars

Watchers

Forks

Languages