Fluid Attacks logo
Contact Us
Young hacker smiling
Zero false positives

Expert intelligence + effective automation

Contact logo Contact Us


Commands is a cyberweapon developed entirely by Fluid Attacks for in-depth penetration of workstations and critical servers during Pentesting in One-Shot Hacking when its use is authorized.


We are not only interested in finding vulnerabilities, but also in demonstrating to the client the potential risks and direct impact these vulnerabilities can have on their business. To do this we must have control of multiple critical systems in order to create a network of infected nodes that we control to obtain sensitive information or further infect other nodes.

Código propagándose en varios servidores
Flechas entrando en un computador

How we do it

In order to use FLUIDCommands, first we need administrative access to the vulnerable system. We achieve this through the manual tests executed by our experts. Once we have administrative access we can proceed to remotely infect the first machine. With the first machine compromised, and which we now control, we can expand and infect other connected nodes or focus on this first machine. If we focus on the first infected machine we can do an in-depth search looking for sensitive information or new and bigger attack vectors.

Zero Collateral Damage

It is important to note that the commands cyberweapon is never installed on the vulnerable system as a service nor an automatic running task. Once all tests have concluded it is remotely uninstalled without leaving any trace or collateral damage.

Símbolo de calavera con un signo de verificación
Consola de control
Image taken from Darpa

Command and Control Center

FLUIDCommands uses a Command and Control Center from which we can send orders, or commands, to our botnet of infected nodes. The Command and Control Center communicates with all infected nodes through a reverse proxy using ICMP, always giving us full control over our cyberweapon. With only one infected node, commands can spread remotely to neighboring systems.

Capture Feature

  • Screen Shot: Through the scr command we can take a screen capture of the infected machine without alerting the victim.

  • Audio capture: Using the mic command we can open your microphone and capture live audio.

  • Keylogger: The keylog command allows us to capture and log all your keyboard strokes in order to obtain sensitive data, such as credentials or credit card info.

Toma de pantallazo
Ejecución del comando psexec

exec Feature

This feature allows us to remotely execute any command available through cmd on the infected machine.

echo Feature

This command is used to test the connection and assure we have control of the infected node. It echos back whatever we pass to it.

Ejecución del comando echo
Símbolo de calavera con un signo de escondido

Detection Evasion

Our cyberweapon avoids being detected by all AntiX and SOC controls by masking all requests and commands under a familiar and trusted protocol.

Want to know more about our products? Do not hesitate to contact us.

Service status - Terms of Use