I lost my old GPG key. Import this new one.


Pitraix: Reborn

  • Modern Cross-Platform HTTP-Based P2P Botnet over TOR that cannot be traced nor taken down.

  • Design is based on “zero-trust”: even malicious peers cannot do any damage, and operator identity stays protected. For more information check the wiki

  • Pitraix is able to handle millions of bots (called hosts)

  • You can run Pitraix on a toaster and it will still work just as good with said millions of hosts.

Built-in Crypter and self-spreading

  • Pitraix has the ability to self-modify its own code, which results in a completely different executable in terms of hash on every new infection. This means security researchers tracking infections via VirusTotal and similar are no longer a threat. This also means Anti-Malware cannot detect it. All is done automagically and does not need operator intervention.

  • Pitraix has EternalBlue, Follina and UACME 0-days built-in to automagically spread. It also has the ability to self-spread to the Host's email & social media friends, and USB devices

Cross-platform with some sneaky 1-days

  • Pitraix works on Windows 7 all the way to Windows 11 as well as Linux

  • It has the ability to automagically privilege escalate on both platforms

  • On Linux it does so by keylogging the password when the host uses “sudo” or “doas”

  • On Windows it uses a modified version of UACME (work in progress)

  • Mac and *BSD support is work in progress

Dynamic Behaviour

  • Pitraix chooses random names and locations on every infection

Anonymous and secure

  • All pitraix communications happen over the TOR network and never on clearnet

  • All pitraix communications are encrypted using AES-256 on top of TOR encryption

  • Pitraix is coded in Go. Go is memory safe, statically linked, and real fast.

  • Hosts (bots) don’t know each other.

  • Agents are Hosts that have been given TOR onion addresses of other Hosts. Agents relay instructions from Operative to Hosts. For more technical information check the wiki

  • Operatives appear to others as infected computers. This is to protect against targeted network timing and packet attacks over TOR

Features

  • State-of-art encryption using AES-256 and Public-Key cryptography

  • Peer-to-Peer over TOR

  • Dynamic behaviour

  • Built-in crypter

  • Built-in 4 different 0-Days! (EternalBlue, Follina, UACME, etc)

  • Built-in RDP over TOR (works on linux too!)

  • Built-in modules system that allows you to make your own custom features

  • Built-in ransomware that is incredibly fast and never stores keys on HOST

  • Auto disable backup like Volume Shadow Copy, OneDrive and Windows Backup

  • Can extract Passwords, Emails, Usernames, Credit Cards, Cookies, Addresses, Phone numbers and History from ALL popular browsers (Microsoft Edge, Chrome, Brave, Opera, Yandex, Firefox)

  • Built-in keylogger that only picks interesting things

  • Auto spreading to USBs, modified version of EternalBlue, and a bunch of other 1-days

  • Auto privilege escalate on Windows and Linux!

  • Can hide from ALL system monitoring tools on Linux! (uses LD_PRELOAD)

  • Ability to hijack crypto addresses in clipboard

  • ZERO read/write to registry, thus lower detection

  • Time-based Anti-Debugging detection

  • Advanced VM detection (Detects VirtualBox, VMware, Microsoft Hyper-V, KVM, Qemu, etc)

  • Colorful terminal interface for operatives

  • Readable code that is easy to modify, not a lot of scattered files

  • Extremely low system and internet requirements

  • Ability to capture Events. Events are anything interesting that happens on a host computer, currently it’s tied only to keylogger

  • Ability to capture Logs. Logs are mainly used for debugging behaviour and errors

Picture of working OPER

Trust

  • For my GPG key please check gpg.asc

  • Anyone who claims to be me and has not signed a message with my key is NOT me

Support

  • If you’d like to support me to keep updating, the best way is via crypto.

  • Monero: 85HjZpxZngajAEy2123NuXgu1PnNyq2DLSkkr93cyT8QQVae1GruhL4hHAtnaFqeCF7Vo9eW2P11Sig8DDqzVzCSE95NaW6

  • Bitcoin (segwit): bc1q2dqk9u06vv2j5p6yptj9ex7epfv77sxjygnrnw

Setting it up

  • Download from Releases and not master
  • Read the wiki for information on how to set up and use properly

Help

  • Type “help” in OPER for list of commands

Future & Technical Terms definition

  • Please read Technical Info for a list of terms and their respective meanings, alongside tons of useful information for anybody even thinking of editing the source code
  • Speed may vary due to the TOR network. TOR is expected to be upgraded soon and thus speed should be greatly improved then
  • TOR binary from the Tor Project (which Pitraix uses) is signed and thus does not affect detection rate negatively.

I am not responsible for any damage you do using this!
