Are you happy with your logging solution? Would you help us out by taking a 30-second survey? Click here


PoC to tunnel the Meterpreter reverse HTTP shell over RDP Virtual Channels

Subscribe to updates I use Fenrir

Statistics on Fenrir

Number of watchers on Github 43
Number of open issues 0
Main language C#
Open pull requests 0+
Closed pull requests 0+
Last commit over 4 years ago
Repo Created over 4 years ago
Repo Last Updated over 1 year ago
Size 202 KB
Organization / Authornccgroup
Page Updated
Do you use Fenrir? Leave a review!
View Fenrir activity
View on github
Fresh, new opensource launches 🚀🚀🚀
Trendy new open source projects in your inbox! View examples

Subscribe to our mailing list

Evaluating Fenrir for your project? Score Explanation
Commits Score (?)
Issues & PR Score (?)


Released as open source by NCC Group Plc -

Developed by Dave Spencer, david [dot] spencer [at] nccgroup [dot] com

Released under AGPL see LICENSE for more information


Fenrir was created to prove that it is possible to tunnel network traffic over an RDP virtual channel, however it is still in its infancy. This PoC was to designed to tunnel the meterpreter reverse http shell over the virtual channel The long term goal here will be to create a fully-fledged socks proxy, from Loki to Fenrir and vice versa.

Fenrir is designed to be used with Loki ( and Sleipnir (


Fenrir is very simple to use, use the Metasploit Server and Metasploit Port fields on Lokis initial interface to specify the location of the users metasploit listener, and enter the port number you want to listen on the RDP server (default is 3000).

Once the Start Forwarder button is clicked Fenrir checks if the port is available and if so opens a listening port on Any traffic sent to this port is forwarded on to the server and port that the user specified in the initial Loki interface.

Fenrir list of languages used
Other projects in C#