AndroxGh0st

Tags

Toolkit

Incidents

AndroxGh0st usage (2024)

References

https://permiso.io/blog/s/approach-to-detection-androxgh0st-greenbot-persistence/https://www.lacework.com/blog/androxghost-the-python-malware-exploiting-your-aws-keys/

Last edited

May 30, 2024 2:00 PM

AndroxGh0st is a Python-based malware created to locate and extract .env files from Laravel applications.

AndroxGh0st includes various features for exploiting SMTP, such as scanning for and abusing exposed credentials and APIs, as well as deploying web shells.