# nathanlopez/stitch **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/nathanlopez-stitch).** 3,532 stars · 702 forks · Python · other ## Links - GitHub: https://github.com/nathanlopez/Stitch - Homepage: https://nathanlopez.github.io/Stitch/ - awesome-repositories: https://awesome-repositories.com/repository/nathanlopez-stitch.md ## Topics `cross-platform` `keylogger` `linux` `mac-osx` `nsis` `payload` `python` `rat` `reverse-shell` `windows` ## Description Stitch is a command and control framework and post-exploitation toolkit designed for managing multiple remote systems from a central server. It functions as a remote administration tool and payload builder, enabling the execution of commands and the deployment of agents across different operating systems. The project features a cross-platform builder for generating custom executable agents with configurable network bindings and boot behaviors. It utilizes encrypted communication channels to secure traffic between the controller and remote clients, and it supports the execution of dynamic scripts to extend agent functionality at runtime without recompiling binaries. The framework covers a range of remote administration and system manipulation capabilities, including credential and data exfiltration, keystroke recording, and screen capturing. It provides tools for maintaining a persistent presence on target machines through platform-specific installers and the modification of system registry values and files. ## Tags ### Part of an Awesome List - [C2 Infrastructure Managers](https://awesome-repositories.com/f/awesome-lists/devops/c2-infrastructure/c2-listener-servers/c2-infrastructure-managers.md) — Provides a central server to manage the entire command and control infrastructure, including listeners, agents, and encrypted channels. - [Command and Control](https://awesome-repositories.com/f/awesome-lists/security/command-and-control.md) — Implements a central server to manage remote agents and secure communication via encrypted channels. - [Malware Builders](https://awesome-repositories.com/f/awesome-lists/devtools/desktop-and-mobile-apps/cross-platform-app-builders/malware-builders.md) — Ships a utility for generating custom executable agents with platform-specific boot behaviors. - [Payload Builders](https://awesome-repositories.com/f/awesome-lists/devtools/desktop-and-mobile-apps/cross-platform-app-builders/payload-builders.md) — Provides a cross-platform builder for custom agents with configurable network and boot settings. - [C2 Payload Generators](https://awesome-repositories.com/f/awesome-lists/devtools/payload-generators-and-fuzzers/c2-payload-generators.md) — Builds cross-platform executable agents with configurable network bindings and boot-time behaviors. ([source](https://cdn.jsdelivr.net/gh/nathanlopez/stitch@master/README.md)) - [Command And Control Frameworks](https://awesome-repositories.com/f/awesome-lists/security/command-and-control-frameworks.md) — Functions as a comprehensive platform for managing remote access and post-exploitation activities. - [Credential and Data Extraction](https://awesome-repositories.com/f/awesome-lists/security/credential-and-data-extraction.md) — Provides capabilities for harvesting password hashes and browser credentials from target systems. ### Development Tools & Productivity - [Payload Generation](https://awesome-repositories.com/f/development-tools-productivity/cross-platform-build-systems/payload-generation.md) — Includes a cross-platform builder for creating custom executable agents with configurable network bindings. - [Persistence Installers](https://awesome-repositories.com/f/development-tools-productivity/installer-packages/persistence-installers.md) — Wraps payloads in platform-specific installers to automate installation and ensure persistence across system boots. ### Networking & Communication - [Concurrent Remote Session Managers](https://awesome-repositories.com/f/networking-communication/concurrent-remote-session-managers.md) — Manages multiple simultaneous network connections to remote targets to provide a command shell for parallel execution. ([source](https://github.com/nathanlopez/Stitch/wiki/Crash-Course)) - [Secure Communication Channels](https://awesome-repositories.com/f/networking-communication/secure-communication-channels.md) — Establishes encrypted tunnels that protect data streams between the controller and target from interception. ([source](https://cdn.jsdelivr.net/gh/nathanlopez/stitch@master/README.md)) ### Programming Languages & Runtimes - [Cross-Platform Binary Generation](https://awesome-repositories.com/f/programming-languages-runtimes/source-code-compilers/multi-target-compilers/cross-platform-binary-generation.md) — Includes a builder tool that generates platform-specific executable agents for various operating systems and architectures. ### Security & Cryptography - [Encrypted Tunneling](https://awesome-repositories.com/f/security-cryptography/encrypted-tunneling.md) — Implements secure, encrypted connections between the controller and agents to bypass network detection and prevent interception. - [Runtime Script Execution](https://awesome-repositories.com/f/security-cryptography/in-memory-payload-execution/serialized-payload-execution/runtime-script-execution.md) — Enables the execution of dynamic scripts on remote agents to add new capabilities without recompiling the binary. - [Post-Exploitation Frameworks](https://awesome-repositories.com/f/security-cryptography/post-exploitation-frameworks.md) — Offers a framework for exfiltrating credentials and manipulating system configurations on compromised machines. - [Post-Exploitation Toolkits](https://awesome-repositories.com/f/security-cryptography/post-exploitation-toolkits.md) — Provides a toolkit for escalating privileges, maintaining persistence, and gathering data after initial compromise. - [Remote Access Payloads](https://awesome-repositories.com/f/security-cryptography/remote-command-execution-tools/payload-conversion-and-execution/remote-access-payloads.md) — Generates custom payloads designed to establish an initial persistent remote connection to a target system. ([source](https://nathanlopez.github.io/Stitch/)) - [Remote Administration Tools](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/offensive-red-team/remote-administration-tools.md) — Enables monitoring of user activity through keystroke recording and remote screen capturing. - [Communication Encryption](https://awesome-repositories.com/f/security-cryptography/communication-encryption.md) — Implements protocols for securing data transmission between the control server and remote agents. ([source](https://github.com/nathanlopez/Stitch/wiki/Crash-Course)) - [Data Exfiltration Tools](https://awesome-repositories.com/f/security-cryptography/data-exfiltration-tools.md) — Includes utilities for retrieving sensitive system data, such as password hashes and browser credentials, from restricted environments. ([source](https://cdn.jsdelivr.net/gh/nathanlopez/stitch@master/README.md)) - [Remote Access Trojans](https://awesome-repositories.com/f/security-cryptography/remote-access-trojans.md) — Facilitates the deployment of persistent agents that provide covert remote control and monitoring. ### Software Engineering & Architecture - [Module Functionality Extenders](https://awesome-repositories.com/f/software-engineering-architecture/integration-extensibility/extensibility/plugin-architectures/developer-authoring-interfaces/custom-module-implementations/module-functionality-extenders.md) — Provides mechanisms to add custom methods and capabilities to agents via scripts sent from the control server. ([source](https://github.com/nathanlopez/Stitch/wiki/Crash-Course)) - [Remote Administration Servers](https://awesome-repositories.com/f/software-engineering-architecture/integration-extensibility/programmatic-interfaces/remote-server-registrations/remote-server-registrations/remote-administration-servers.md) — Provides a master interface to maintain active connections and execute commands or transfer files on remote servers. ### System Administration & Monitoring - [Remote Administration Tools](https://awesome-repositories.com/f/system-administration-monitoring/remote-administration-tools.md) — Enables executing commands and managing device configurations on distant machines through encrypted connections. - [Remote Agent Administration](https://awesome-repositories.com/f/system-administration-monitoring/remote-agent-administration.md) — Provides a centralized interface for commanding and managing multiple remote endpoints from a single point of control. ([source](https://nathanlopez.github.io/Stitch/)) - [Remote Command Execution](https://awesome-repositories.com/f/system-administration-monitoring/remote-command-execution.md) — Executes commands and manipulates system settings on target machines via a remote network connection. ([source](https://cdn.jsdelivr.net/gh/nathanlopez/stitch@master/README.md)) - [User Activity Monitoring](https://awesome-repositories.com/f/system-administration-monitoring/activity-monitors/automated-activity-loggers/user-activity-monitoring.md) — Monitors user activity through background services that record keystrokes and capture screen snapshots. ([source](https://cdn.jsdelivr.net/gh/nathanlopez/stitch@master/README.md)) - [System Registry Manipulation](https://awesome-repositories.com/f/system-administration-monitoring/system-file-manipulation/system-registry-manipulation.md) — Interacts directly with the operating system registry and system files to modify settings and maintain stealth. - [Registry Configuration Automators](https://awesome-repositories.com/f/system-administration-monitoring/system-registry-managers/registry-manipulation-scripts/registry-configuration-automators.md) — Uses programmatic scripts to modify system registry values to manage software states and hide activity. ([source](https://cdn.jsdelivr.net/gh/nathanlopez/stitch@master/README.md)) ### Data & Databases - [Installation Persistence](https://awesome-repositories.com/f/data-databases/persistence-mechanisms/installation-persistence.md) — Implements mechanisms to save software installations to non-volatile storage to ensure persistent access across sessions. ([source](https://cdn.jsdelivr.net/gh/nathanlopez/stitch@master/README.md))