Skip to content

Tuoni 0.14.0

ExecUnit Support, Payload Wizard, Embedded HTTP Listener

Overview

Welcome to Tuoni 0.14.0! This release introduces ExecUnit support across payloads, listeners, commands, and agents, a new Payload Generation Wizard, embedded HTTP listener support for generated payloads, major high-load UI improvements, and a new client theme engine.

ExecUnit Support

ExecUnits add a more flexible way to generate and run payloads, listeners, and commands. The server now exposes command, listener, and payload ExecUnit capabilities through the API, while agents can report supported execution types, preferred execution order, sleep settings, and next expected callback metadata.

For commercial Windows agents, ExecUnit support now covers shellcode, .NET EXE, .NET DLL, and native library execution. Windows HTTP, TCP, and DNS listeners can also be generated as .NET EXE, .NET DLL, shellcode, or native DLL outputs, including native DNS transport support.

Payload Generation Wizard

The older payload dialogs have been replaced with a guided Payload Generation Wizard. The new flow covers listener selection, template selection, configuration, quick generation, delivery, downloads, launcher generation, payload cloning, and reuse of existing payloads.

Payload management also received multi-select, bulk delete, improved file upload handling, clearer validation feedback, and support for embedded listener options where available.

Embedded HTTP Listener & Payload Improvements

Windows agents can now embed an HTTP listener directly into generated payloads. Commercial payload generation also adds Authenticode PE signing, configurable signing certificates, PE VersionInfo metadata, configurable execution-unit preference order, and templated IPC pipe names for non-shellcode Windows execution.

Linux and BSD payloads now support pure in-memory custom plugin loading, improving payload flexibility without requiring files to be written to disk.

High-Load UI & Bulk Workflows

This release improves Tuoni behavior in environments with 1000+ agents. The agent store and table are faster, stale-agent handling is safer, and reconnect behavior is clearer. The client now includes persistent reconnect banners, per-server retry controls, quieter inactive-server handling, fixed table headers, sortable next-callback display, and better cleanup for pending timers and fetches.

Agent multi-select is now available with Ctrl/Shift selection, reusable table selection behavior, and a floating bulk action bar for working with many agents at once.

Client Polish

  • New runtime theme engine with persisted theme selection
  • Dracula, GitHub, and deuteranopia theme variants
  • Improved execConf and @files autocomplete and highlighting
  • execUnitType support in the terminal
  • Better hyphenated argument parsing
  • Improved Ctrl+U and Ctrl+C behavior
  • Better browser find handling and cursor positioning after font load
  • Left drawer rail toggle, fixed drawer viewport sizing, improved help/API links, notifier actions, and user authority initialization

Commands & Listeners

  • Added Powerpick with TLV configuration, streamed output, and error stream reporting
  • Added remote execution templates for SSH, WinRM, WMI, service execution, and SCP upload workflows
  • Added Timestomp command templates
  • Added Kerberos support for Jump-SSH
  • Port scan can now return hostname data through DNS, NetBIOS, or fallback resolution
  • Added .NET and native screenshot variants with improved DPI handling and JPEG encoding
  • Added bindToPort and bindAddress handling for TCP reverse listeners
  • Fixed HTTPS listener bind-address handling
  • HTTP listeners can read listener-specific metadata from configured headers

Reliability & Security

The server now includes a permission discovery endpoint at /api/v1/permissions, MD5 logging for hosted file and payload downloads, improved script restart stability, safer hosted file upload and replacement handling, and reduced database load for agent fetches and command updates.

The UI also fixes an XSS vulnerability reported by spaceraccoon.

Community

Our Discord Community is live! Join us to ask questions, share feedback, and connect with other Tuoni users.

For a complete list of changes, visit our GitHub release page.