Awesome Open Source
Awesome Open Source

Tor Rootkit

Docker build test

A Python 3 standalone Windows 10 / Linux Rootkit. The networking communication get's established over the tor network.


Use for educational purposes only.

How to use

  1. Clone the repo and change directory:
git clone
cd ./tor-rootkit
  1. Build docker container:
docker build -t listener .
  1. Run docker container:
docker run -v $(pwd)/executables:/executables/ -it listener
  1. Deploy the executables: When the listener is up and running it generates a "executables" directory containing different payloads for different plattforms.

Note: The client can take some time (20s-30s) to connect because PyInstaller executables are a bit slower and it need's to start tor.


  • Standalone executable, including python interpreter and tor
  • the whole communication works over tor hidden services which guarantees some degree of anonymity
  • The Listener can handle multiple clients
  • The Client auto reconnects when a unexpected closed connection occurs
  • The Listener generates payloads for different plattforms on startup

Listener Shell Commands

Command Explanation
help Shows the help menu
^C or exit Exits the shell
list lists all connected clients with their according index
select <index> start shell with client

Client Shell Commands

Command Explanation
help Shows the help menu
^C or exit Exits the client shell and returns to listener shell
os <command> Executes a command in the clients shell and returns the output
background Keeps the connection to a client and returns to listener

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
Python (1,136,873
Security (8,692
Windows 10 (1,390
Pentesting (1,349
Tor (771
Reverse Shell (263
Rat (261
Related Projects