Pacdoor is a proof-of-concept JavaScript malware implemented as a Proxy Auto-Configuration (PAC) File. Pacdoor includes a 2-way communication channel, ability to exfiltrate HTTPS URLs, disable access to cherry-picked URLs etc.
It was released as part of the Crippling HTTPS with Unholy PAC talk given at BlackHat USA 2016 conference by Itzik Kotler and Amit Klein from SafeBreach Labs.
Slides are availble here
0.1.0
Pacdoor requires Python 2.7.x to run.
$ git clone https://github.com/SafeBreach-Labs/pacdoor.git
$ cd pacdoor
$ cd server
$ pip install -r requirements.txtBSD 3-Clause