Shadow Control || HVNC || Stealer v142+ Chromium || RAT
🔥 Core Features & Capabilities
⚙️ Administration
- System Information: Gain a comprehensive overview of the remote machine's hardware and software configuration, including processor details, memory capacity, disk information, operating system version, and network settings.
- File Manager: A full-featured file explorer that allows you to navigate, upload, download, execute, rename, and delete files and directories on the remote system with an intuitive interface.
- Startup Manager: View and manage all applications configured to launch automatically during system boot. Enable, disable, or add new startup entries for persistent access.
- Task Manager: Monitor all running processes and services in real-time. Terminate unwanted applications or launch new processes remotely with administrative privileges.
- Remote Shell: Execute commands with full administrative access using both Command Prompt (cmd.exe) and PowerShell, with real-time output streaming directly to your console.
- TCP Connections: Monitor all active network connections and ports, providing visibility into the remote system's network activity and established sessions.
- Reverse Proxy: Route your network traffic through the compromised host, leveraging it as a gateway for internal network exploration and penetration testing.
- Registry Editor: Access and modify the Windows registry with a familiar tree-based interface, allowing deep system configuration changes and persistence mechanisms.
- Remote Execute: Support Local Disk and Web URL Execute, has Run PE and Injection
- Actions: A suite of instant power commands for immediate system control:
- Shutdown: Power down the remote computer completely.
- Restart: Force a full system reboot.
- Standby: Put the system into sleep or hibernation mode.
- Lock Screen: Immediately lock the workstation, requiring a password to regain access.
👁️ Monitoring
- Remote Desktop: View and interact with the remote user's live desktop in real-time. Experience smooth, high-quality streaming that lets you see exactly what the user sees, perfect for direct monitoring and support.
- Webcam: Remotely access the video feed from the target's webcam. Capture photos or stream live video directly to your panel to visually confirm the physical environment (for authorized use only).
- Remote Sound: Stream the audio output from the remote computer directly to your machine. Listen to system sounds, music, or anything else the user is hearing through their speakers.
- Remote Microphone: Capture audio input directly from the target's microphone. Monitor conversations, meetings, or any ambient sounds in the room with crystal clear quality.
- HVNC (Hidden Virtual Network Computing): Our flagship stealth feature. Create a hidden, virtual desktop session that runs in the background. You can perform tasks and run programs in this session, which is completely invisible to the user, leaving no trace on their physical screen. Support Chrome, OperaGX, Firefox, MSEdge, Custom Chromium Based Cloning, Powershell Execute, CMD Execute, Discord Execute, Opera, Brave, Cutom File Execute, Bidirectional Clipboard Support.
- Keylogger: Capture every keystroke made on the remote keyboard. This advanced logger records all typed text—including passwords, messages, and emails—into an organized, time-stamped log for your review. Online live preview and Offline preview support.
- Password Recovery: Automatically extract and decrypt saved credentials from over 50+ supported applications. This includes browsers (Chrome, Firefox, Edge), email clients, FTP software, and instant messengers, giving you access to a vast array of login information.
- Shadow Grabbing: A powerful v142+ Chromium Support, all-in-one data harvesting function. With a single command, this feature automatically collects and bundles passwords, cookies, history, and session data from all installed browsers and applications into a convenient report.
- Virtual Monitor: A revolutionary feature for systems with no physical display connected.
- Install Virtual Monitor: Creates a virtual display driver, enabling full remote desktop functionality even on headless machines (eg, servers).
- Uninstall Virtual Monitor: Cleanly removes the virtual display driver when it is no longer needed.
- Location: Retrieve the geographical location of the target machine by resolving its external IP address. Provides an estimated location on a map, giving you insight into the physical whereabouts of the device .
💬 User Support & Interaction
- Remote Scripting: Execute custom scripts and commands directly on the remote machine with high-level privileges. This powerful feature supports various scripting languages (eg, VBS, PowerShell, Batch) to automate complex tasks, modify system settings, or deploy payloads on the fly.
- Show Messagebox: Display custom system message boxes on the remote user's desktop. This is perfect for providing instructions, issuing fake security warnings for social engineering, or simply sending a text message directly to the user. Fully customizable title, message, and icon type.
- Send to Website: Force the remote computer's default web browser to open and navigate to a specific URL of your choice. This can be used to redirect a user to a login portal, a specific resource, or a custom-crafted phishing page as part of a penetration test.
🛠️ Miscellaneous & System Hardening
- Add C: Drive Exception: Creates a Windows Defender exclusion for the entire C: drive. This prevents Defender from scanning the system's primary storage, effectively hiding your payload and activities from real-time detection.
- Disable Defender: Temporarily disables Windows Defender's real-time monitoring and cloud-delivered protection. This is a non-destructive method to lower the system's defenses without removing the security software.
- Kill Defender: Forces the termination of all core Windows Defender processes. This aggressively neutralizes the antivirus service immediately, though it may restart or trigger alerts.
- Overwrite Defender: Our most advanced defense evasion technique. This function does not just disable Defender; it manipulates the system to make Windows believe a different, legitimate antivirus is active . It can overwrite the Defender interface and reports to display a fake AV name (such as a common third-party antivirus), causing the operating system to automatically disable the real Windows Defender, as it does not allow two AVs to run concurrently. This provides a deep, system-level cloak.
⚡ Other Options: System Manipulation & Control
- Disable Task Manager: Prevents the user from accessing the Windows Task Manager, stopping them from viewing or killing processes.
- Disable UAC: Disables User Account Control prompts, allowing for seamless elevation of privileges without user interaction.
- Disable Firewall: Turns off the Windows Firewall completely, opening the system's network ports for unrestricted access.
- Disable Registry: Blocks access to the Registry Editor (regedit.exe), preventing users from modifying system settings.
- Block AV Sites: Modifies the hosts file to block connections to major antivirus vendor websites, hindering the user's ability to seek help or download security software.
- Disable Windows Update: Stops Windows from downloading and installing security updates, ensuring your access is not patched out.
- Delete System Restore: Removes all system restore points, eliminating a common recovery method that could reverse your changes.
- Change Wallpaper: Instantly sets the desktop background to an image of your choice.
- Swap Mouse Buttons: Reverses the primary and secondary mouse buttons (left becomes right), creating immediate confusion.
- Hide Taskbar: Makes the Windows taskbar disappear, limiting the user's ability to navigate their system.
- Flip Screen: Inverts the desktop display 180 degrees.
- Blank Screen: Turns On/Off the user's monitor white, simulating a crash or hardware failure.
- Jump Scare: Displays a full-screen, starting image or animation to surprise the user.
- System Sound: Mute/High PC sound
- Keyboard Input: Block/Unblock keyboard input.
- Mute Sound / Volume High: Either completely mutes the system audio or sets the volume to 100%.
- BSOD (Blue Screen of Death): Triggers a system crash, forcing the infamous Blue Screen. This is a powerful demonstration of control and can be used for disruptive testing.
- GDI (Graphics Device Interface): A suite of functions to manipulate graphical elements, potentially used to create visual glitches or artifacts on the screen.
₿ Wallets & Cryptocurrency Tools
- Wallet Injection: A highly advanced feature that actively targets and injects into the memory processes of popular cryptocurrency wallets. This allows for the direct extraction of private keys, seed phrases, and live wallet data from actively running applications. Currently supports a wide range of wallets including Exodus Wallet, Electrum Wallet, Atomic Wallet, Coinomi Wallet.
- Seed Phrase & Key Extraction: Specialized routines to decrypt and extract the core assets from wallets, including:
- Private Keys
- Recovery Seed Phrases (Mnemonic phrases)
- Keystore Files
- Wallet Backup Files
🔒 Ransomware
- Encrypt: Initiate a simulated ransomware attack on the remote system. This feature will:
- Encrypt files across specified drives (eg, documents, images, databases) using a strong encryption algorithm.
- deploy a custom ransom note to the victim's desktop, explaining the simulation and providing contact information for the "attacker".
- Decrypt: Safely reverse the simulation by restoring all encrypted files to their original state using the unique decryption key. This ensures no permanent damage is done and validates the recovery process during a security drill.
📊 Client Management & Persistence
- Add Nickname: Assign custom aliases to your clients for easy identification and organization within your list.
- Block IP: Temporarily block a specific client's IP address from connecting to the panel, useful for managing unwanted connections.
- Update Client: Remotely push and install an updated version of the client software to a specific machine, ensuring it remains functional and up-to-date.
- Reconnect: Force a client to drop and immediately re-establish its connection to your server. Useful for refreshing an unstable session.
- Disconnect: Gracefully terminate the active session with a client without uninstalling the software. The client will remain installed and may reconnect based on its persistence settings.
- Uninstall Client: Completely and silently remove the Shadow Control client from the remote system, cleaning up all traces of the installation.
⬆️ Privilege Escalation & Persistence
- Elevated: Displays the current privilege level of the client (eg, User, Admin, System).
- Elevate Client Permissions / UAC Bypass: Attempts to bypass User Account Control (UAC) to gain Administrator-level privileges on the remote system, enabling access to protected areas.
- Elevate to System: Uses advanced techniques to elevate the client's privileges from Administrator to SYSTEM level—the highest possible authority in Windows—granting unrestricted access to the entire OS.
- De-Elevate From System: Safely lower the client's privileges from SYSTEM back to a lower level (like Administrator) if needed for specific operational requirements.
- WinRE Persistent: Implements a powerful, deep persistence mechanism by injecting the client into the Windows Recovery Environment (WinRE) . This ensures the client survives operating system re-installations and remains active even if the main OS is replaced.
₿ Crypto Clipper
Supported Cryptocurrencies:
- BTC: Bitcoin
- ETH: Ethereum
- LTC: Litecoin
- XMR: Monero
- SOL: Solana
- DASH: Dash
- XRP: Ripple
- TRX: Tron
- BCH: Bitcoin Cash
🔔 Keywords Notifier
- Custom Keyword List: Add unlimited keywords/phrases to monitor (eg, "password", "login", "bank", "crypto", project names)
- Universal Monitoring: Scans across applications, browsers, documents, and communication tools
- Instant Real-time Alerts: Get immediate notifications when keywords are detected
💰 Pricing & Purchase
A lifetime license for Shadow Control is available for $1200 . This one-time payment grants you permanent access to all current and future features, including updates and new modules.
🌐 Official Website
For more information, to purchase a license, or to contact us, visit our official website:
Последнее редактирование модератором:
