Pacdoor
Pacdoor is a proof-of-concept JavaScript malware implemented as a Proxy Auto-Configuration (PAC) File. Pacdoor includes a 2-way communication channel, ability to exfiltrate HTTPS URLs, disable access to cherry-picked URLs etc.
It was released as part of the Crippling HTTPS with Unholy PAC talk given at BlackHat USA 2016 conference by Itzik Kotler and Amit Klein from SafeBreach Labs.
Slides are availble here
Version
0.1.0
Installation
Pacdoor requires Python 2.7.x to run.
$ git clone https://github.com/SafeBreach-Labs/pacdoor.git
$ cd pacdoor
$ cd server
$ pip install -r requirements.txt
License
BSD 3-Clause