Server Web API

If authentication fails, the web server will respond with a 404 page by default.

Auth

POST {endpoint}/refresh

Update JWT access token

Request (JSON)

Header Authorization: Bearer <refresh_token>

Response (JSON)

access_token _string - JWT access token

POST {endpoint}/sync

Start synchronizing data with the client via WebSocket

Request (JSON)

Header Authorization: Bearer <access_token>

Response

POST {endpoint}/otp/generate

Generate OTP

Request (JSON)

Header Authorization: Bearer <access_token>

type _string - object type: "download" or "tmp_upload"
id _string - object ID

Response (JSON)

ok _bool - status
message _string - OTP or error text

Chat

POST {endpoint}/chat/send

Send message to chat

Request (JSON)

Header Authorization: Bearer <access_token>

message _string

Response

Agent

GET {endpoint}/agent/list

Get a list of agents with full information

Request

Header Authorization: Bearer <access_token>

Response (JSON)

List of agents with parameters

a_crc _string - agent type hash
a_id _string - agent id
a_name _string - agent type
a_session_key _string - session encrypt key (base64)
a_listener _string - listener name
a_async _bool - is async mode
a_external_ip _string - external IP
a_internal_ip _string - internal IP
a_gmt_offset _int - GMT offset
a_sleep _int - session sleep time
a_jitter _int - session sleep jitter
a_pid _int - PID
a_tid _int - TID
a_arch _string - process arch
a_elevated _bool - is elevated session
a_process _string - process name
a_os _int - OS type (0 - unknown, 1- windows, 2 - Linux, 3 - MacOS )
a_os_desc _string - OS description
a_domain _string - domain name
a_computer _string - computer name
a_username string - username
a_impersonated _string - impersonated username
a_oemcp _int - OemCP
acp _int - ACP
a_create_time _int - creation time in UNIX timestamp format
a_last_tick _int - last tick in UNIX timestamp format
a_killdate _int - packed kill date
a_workingtime _int - packed working time
a_tags _string - tag
a_mark _string - mark
a_color _string - backgroud and line color
a_target _string - target ID

POST {endpoint}/agent/generate

Build and download agent

Request (JSON)

Header Authorization: Bearer <access_token>

listener_name _string - listener name
listener_type _string - listener registration name
agent _string - agent registration name
config _string - agent configuration

Response

Payload content

POST {endpoint}/agent/remove

Remove agent data

Request (JSON)

Header Authorization: Bearer <access_token>

agent_id_array _[strings] - list of agent IDs

Response (JSON)

ok _bool - status
message _string - empty string or error text

POST {endpoint}/agent/set/tag

Set a tag for an agent

Request (JSON)

Header Authorization: Bearer <access_token>

agent_id_array _[strings] - list of agent IDs
tag _string - agent tag

Response (JSON)

ok _bool - status
message _string - empty string or error text

POST {endpoint}/agent/set/mark

Set a mark for an agent

Request (JSON)

Header Authorization: Bearer <access_token>

agent_id_array _[strings] - list of agent IDs
bc _string - background color
fc _string - foreground color
reset _bool - if true, set default color

Response (JSON)

ok _bool - status
message _string - empty string or error text

POST {endpoint}/agent/set/tag

Set a tag for an agent

Request (JSON)

Header Authorization: Bearer <access_token>

agent_id_array _[strings] - list of agent IDs
tag _string - agent tag

Response (JSON)

ok _bool - status
message _string - empty string or error text

POST {endpoint}/agent/set/impersonate

Set a impersonate data for an agent

Request (JSON)

Header Authorization: Bearer <access_token>

agent_id _strings - agent ID
impersonate _string - impersonate name
elevated _bool - is elevate context

Response (JSON)

ok _bool - status
message _string - empty string or error text

POST {endpoint}/agent/command/execute

Create a task for the agent

Request (JSON)

Header Authorization: Bearer <access_token>

id _string - agent ID
ui _bool - UI mode (the task is not saved and does not have a callback)
name _string - agent registration name
cmdline _string - full command
data _string - parsed command data
ax_hook_id _string - AxHook ID

Response (JSON)

ok _bool - status
message _string - empty string or error text

POST {endpoint}/agent/console/remove

Remove agent console data

Request (JSON)

Header Authorization: Bearer <access_token>

agent_id_array _[strings] - list of agent IDs

Response (JSON)

ok _bool - status
message _string - empty string or error text

POST {endpoint}/agent/task/save

Save data to Task Manager

Request (JSON)

Header Authorization: Bearer <access_token>

agent_id _strings - agent ID
command_line _string - full command line
message_type _int - result message type (6 - error, 7 - success)
message _string - task message
clear_text _string - task output

Response (JSON)

ok _bool - status
message _string - empty string or error text

POST {endpoint}/agent/task/cancel

Cancel hosted tasks

Request (JSON)

Header Authorization: Bearer <access_token>

agent_id _strings - agent ID

tasks_array _[strings] - list of task IDs

Response (JSON)

ok _bool - status
message _string - empty string or error text

POST {endpoint}/agent/task/delete

Remove task from Task Manager

Request (JSON)

Header Authorization: Bearer <access_token>

agent_id _strings - agent ID

tasks_array _[strings] - list of task IDs

Response (JSON)

ok _bool - status
message _string - empty string or error text

Listener

GET {endpoint}/listener/list

Get a list of listeners with full information

Request

Header Authorization: Bearer <access_token>

Response (JSON)

List of listeners with parameters

l_name _string - listener name
l_reg_name _string - listener registration name
l_protocol _string - protocol
l_type _string - listener type
l_bind_host _string - bind host

l_bind_port _string - bind port
l_agent_addr _string - callback hosts & ports
l_status _string - running status

l_data _string - listener config data

l_watermark _string - process name

POST {endpoint}/listener/create

Create and start listener

Request (JSON)

Header Authorization: Bearer <access_token>

name _string - listener name
type _string - listener registration name
config _string - listener config data

Response (JSON)

ok _bool - status
message _string - status string or error text

POST {endpoint}/listener/edit

Edit listener config

Request (JSON)

Header Authorization: Bearer <access_token>

name _string - listener name
type _string - listener registration name
config _string - listener config data

Response (JSON)

ok _bool - status
message _string - status string or error text

POST {endpoint}/listener/stop

Stop and delete listener

Request (JSON)

Header Authorization: Bearer <access_token>

name _string - listener name
type _string - listener registration name

Response (JSON)

ok _bool - status
message _string - status string or error text

Download

GET {endpoint}/download/list

Get a list of downloads with full information

Request

Header Authorization: Bearer <access_token>

Response (JSON)

List of downloads with parameters

d_file_id _string - file ID
d_agent_id _string - agent ID
d_agent_name _string - agent registration name
d_user _string - session username
d_computer _string - session computer

d_remote_path _string - remote file path
d_total_size _int - total file size
d_recv_size _int - receive file size

d_date _int - date in UNIX timestamp format

d_state _int - download status (1 - running, 2 - stopped, 3 - finished)

POST {endpoint}/download/sync

Download file content

Request (JSON)

Header Authorization: Bearer <access_token>

file_id _string - file ID

Response (JSON) success

ok _bool - status
filename _string - file basename
content _string - file content in base64

Response (JSON) error

ok _bool - status
message _string - error text

POST {endpoint}/download/delete

Delete file

Request (JSON)

Header Authorization: Bearer <access_token>

file_id _string - file ID

Response (JSON) error

ok _bool - status
message _string - status string or error text

Screen

GET {endpoint}/screen/list

Get a list of screenshots with full information

Request

Header Authorization: Bearer <access_token>

Response (JSON)

List of screenshots with parameters

s_screen_id _string - screen ID
s_user _string - session username
s_computer _string - session computer

s_note _string - screenshot note
d_date _int - date in UNIX timestamp format

d_content _string - screenshot content in base64

POST {endpoint}/screen/setnote

Set a note for a screenshot

Request (JSON)

Header Authorization: Bearer <access_token>

screen_id_array _[strings] - list of screen IDs
note _string - screenshot note

Response (JSON)

ok _bool - status
message _string - empty string or error text

POST {endpoint}/screen/remove

Remove a screenshot

Request (JSON)

Header Authorization: Bearer <access_token>

screen_id_array _[strings] - list of screen IDs

Response (JSON)

ok _bool - status
message _string - empty string or error text

Creds

GET {endpoint}/creds/list

Get a list of credentials with full information

Request

Header Authorization: Bearer <access_token>

Response (JSON)

List of credentials with parameters

c_creds_id _string - creds ID
c_username _string - login
c_password _string - password
c_realm _string - domain
c_type _string - creds type
c_tag _string - creds tag
d_date _int - date in UNIX timestamp format
d_storage _string - creds storage
c_agent_id _string - agent ID
c_host _string - session computer

POST {endpoint}/creds/add

Store credentials to Creds Manager

Request (JSON)

Header Authorization: Bearer <access_token>

creds - List of credentials with parameters
- username _string - login
- password _string - password
- realm _string - domain
- type _string - creds type
- tag _string - creds tag
- storage _string - creds storage
- host _string - session computer

Response (JSON)

ok _bool - status
message _string - status string or error text

POST {endpoint}/creds/edit

Edit stored credentials

Request (JSON)

Header Authorization: Bearer <access_token>

cred_id _string - creds ID

username _string - login
password _string - password

realm _string - domain

type _string - creds type

tag _string - creds tag

storage _string - creds storage

host _string - session computer

Response (JSON)

ok _bool - status
message _string - status string or error text

POST {endpoint}/creds/set/tag

Set creds tag

Request (JSON)

Header Authorization: Bearer <access_token>

id_array _[string] - list of creds IDs
tag _string - tag for the creds

Response (JSON)

ok _bool - status
message _string - status string or error text

POST {endpoint}/creds/remove

Remove stored credentials

Request (JSON)

Header Authorization: Bearer <access_token>

cred_id_array _[string] - list of creds IDs

Response (JSON)

ok _bool - status
message _string - status string or error text

Targets

GET {endpoint}/targets/list

Get a list of targets with full information

Request

Header Authorization: Bearer <access_token>

Response (JSON)

List of targets with parameters

t_target_id _string - target ID

t_computer _string - hostname
t_domain _string - domain name
t_address _string - host IP address
t_os _int - OS type (0 - unknown, 1- windows, 2 - Linux, 3 - MacOS )
t_os_desc _string - OS description
t_tag _string - target tag
t_info _string - target info
d_date _int - date in UNIX timestamp format

t_alive _bool - is alive target
t_agents _[string] - list of agents ID

POST {endpoint}/targets/add

Store credentials to Creds Manager

Request (JSON)

Header Authorization: Bearer <access_token>

targets - List of targets with parameters
- computer _string - hostname
- domain _string - domain name
- address _string - host IP address
- os _int - OS type (0 - unknown, 1- windows, 2 - Linux, 3 - MacOS )
- os_desc _string - OS description
- tag _string - target tag
- info _string - target info
- alive _bool - is alive target

Response (JSON)

ok _bool - status
message _string - status string or error text

POST {endpoint}/targets/edit

Edit stored target

Request (JSON)

Header Authorization: Bearer <access_token>

t_target_id _string - target ID

t_computer _string - hostname
t_domain _string - domain name
t_address _string - host IP address
t_os _int - OS type (0 - unknown, 1- windows, 2 - Linux, 3 - MacOS )
t_os_desc _string - OS description
t_tag _string - target tag
t_info _string - target info

t_alive _bool - is alive target

Response (JSON)

ok _bool - status
message _string - status string or error text

POST {endpoint}/targets/set/tag

Set target tag

Request (JSON)

Header Authorization: Bearer <access_token>

id_array _[string] - list of target IDs
tag _string - tag for the target

Response (JSON)

ok _bool - status
message _string - status string or error text

POST {endpoint}/targets/remove

Remove stored targets

Request (JSON)

Header Authorization: Bearer <access_token>

target_id_array _[string] - list of target IDs

Response (JSON)

ok _bool - status
message _string - status string or error text

Tunnel

GET {endpoint}/tunnel/list

Get a list of tunnels with full information

Request

Header Authorization: Bearer <access_token>

Response (JSON)

List of tunnels with parameters

p_tunnel_id _string - tunnel ID
p_agent_id _string - agent ID

p_computer _string - session computer
p_username _string - session user
p_process _string - session process

p_type _string - tunnel type
p_info _string - tunnel info

p_interface _string - listen address
p_port _string - listen port
p_client _string - listen client
p_fhost _string - forward address
p_fport _string - forward port
p_auth_user _string - proxy login
p_auth_pass _string - proxy password

POST {endpoint}/start/socks5

Start socks5 proxy

Request (JSON)

Header Authorization: Bearer <access_token>

agent_id _string - agent ID
listen _bool - is listen port on teamserver
desc _string - tunnel info
l_host _string - listen address
l_port _int - listen port
use_auth _bool - use authentication
username _string - proxy login
password _string - proxy password

Response (JSON)

ok _bool - status
message _string - tunnel ID or error text

POST {endpoint}/start/socks4

Start socks4 proxy

Request (JSON)

Header Authorization: Bearer <access_token>

agent_id _string - agent ID
listen _bool - is listen port on teamserver
desc _string - tunnel info
l_host _string - listen address
l_port _int - listen port

Response (JSON)

ok _bool - status
message _string - tunnel ID or error text

POST {endpoint}/start/lportfwd

Start local port forwarding

Request (JSON)

Header Authorization: Bearer <access_token>

agent_id _string - agent ID
listen _bool - is listen port on teamserver
desc _string - tunnel info
l_host _string - listen address
l_port _int - listen port

t_host _string - target address
t_port _int - target port

Response (JSON)

ok _bool - status
message _string - tunnel ID or error text

POST {endpoint}/start/rportfwd

Start reverse port forwarding

Request (JSON)

Header Authorization: Bearer <access_token>

agent_id _string - agent ID
listen _bool - is listen port on teamserver
desc _string - tunnel info

port _int - listen port
t_host _string - target address
t_port _int - target port

Response (JSON)

ok _bool - status
message _string - tunnel ID or error text

POST {endpoint}/set/info

Set tunnel info

Request (JSON)

Header Authorization: Bearer <access_token>

p_tunnel_id _string - tunnel ID

p_info _string - tunnel info

Response (JSON)

ok _bool - status
message _string - tunnel ID or error text

POST {endpoint}/stop

Stop tunnel

Request (JSON)

Header Authorization: Bearer <access_token>

p_tunnel_id _string - tunnel ID

Response (JSON)

ok _bool - status
message _string - tunnel ID or error text

PreviousAxMenu type NextPlugins (in dev)

Last updated 1 month ago