Mute

Project Title "With the continual popularization of web-filtering security solutions, network security teams are able to categorically block web pages. These solutions can be troublesome for penetration testers due to reliance on web protocols to communicate with compromised computers within a corporate network. To bypass these web-filters, an attacker will need to create content to host on the website and submit a request for the domain to be reviewed and categorized. This can be a time-consuming process and even more so if the web page fails the review."

"Mute is a Command & Control (C2) toolset that leverages GitHub to communicate with and issue commands to compromised hosts that lie behind a web-filtering solution. Compromised hosts will periodically check a GitHub repository for any commands to be run and post any output to the repository as well. Because GitHub is a legitimate web service, defenders cannot simply block the domain."

Team Members

Colbert Zhu

Colbert Zhu

ctz27@drexel.edu

Andrei Dorin

Andrei Dorin

aed77@drexel.edu

Matthew Long

Matthew Long

mrl324@drexel.edu

Larry Hui

Larry Hui

lh562@drexel.edu

Secondo DiGiacomo

Secondo DiGiacomo

std49@drexel.edu

Samuel Greenberg

Samuel Greenberg

sag343@drexel.edu

Nicholas Hausler

Nicholas Hausler

nah69@drexel.edu

Screenshots

Mute User Interface

Mute User Interface


This is the Mute User Interface where users can interact with compromised hosts in a shell-like interface.

Placeholder

Placeholder


Behind the Scenes

Dr. Filippos Vokolos

CCI Advisor
Dr. Filippos Vokolos

fiv22@drexel.edu

https://drexel.edu/cci/about/directory/V/Vokolos-Filippos/

Galen Fisher

Stakeholder
Galen Fisher

galen.fisher@securityriskadvisors.com

https://securityriskadvisors.com/