A stealthy Python based backdoor that uses Twitter (Direct Messages) as a command and control server This project has been inspired by Gcat which does the same but using a Gmail account.


For this to work you need:

  • A Twitter account (Use a dedicated account! Do not use your personal one!)
  • Register an app on Twitter with Read, write, and direct messages Access levels.

Install the dependencies:

$ pip install -r requirements.txt

This repo contains two files:

  • which is the client
  • the actual backdoor to deploy

In both files, edit the access token part and add the ones that you previously generated:




You’re probably going to want to compile into an executable using Pyinstaller In order to remove the console when compiling with Pyinstaller, the flags --noconsole --onefile will help. Just saying.

Twitter as a C&C server

Post navigation

Leave a Reply

Your email address will not be published. Required fields are marked *

Pin It on Pinterest