BROWNIE TUB can support essentially any web shell that is based on commands being passed via HTTP(S).
- Flexible: can support command-passing in any HTTP header, in any cookie, POST parameter, or GET parameter.
- Securable: can integrate with password authentication mechanisms
- Easy-to-Use: simple GUI allows easy control and configuration of your shells
- Persistent: Stores data in an RxDB store (backed by PouchDB)
- Control multiple shells from one app: track as many shells as you'd like, and switch between them seamlessly
- Note that BROWNIE TUB comes with a small set of commands (i.e. read file, change directory) out-of-the-box. Feel free to fork and add more, though.
- This is because the concept of BROWNIE TUB is to support web shells designed as initial footholds.
- If your entire campaign is web-shell-based, then you will want to add extra commands, for sure.
- You could also add an
Issue
, with a label ofEnhancement
, and I'll see if I have time to implement it (around my day job etc. of course)
- Clone this repo
- Run
npm install
to grab the dependencies - Run
npm run rebuild
to rebuild the sqlite3 module, so it works with electron - Run
npm run build
to build the react part - Run
npm run electron-pack
to package the app.
Under Releases
, there are binaries (.exe
, .deb
, .AppImage
) for Windows and Linux platforms.