Skip to content

feat: add ARM64 deploy variations for linux and windows#467

Open
RachHavoc wants to merge 1 commit into
mitre:masterfrom
RachHavoc:feature/arm64-deploy-variations
Open

feat: add ARM64 deploy variations for linux and windows#467
RachHavoc wants to merge 1 commit into
mitre:masterfrom
RachHavoc:feature/arm64-deploy-variations

Conversation

@RachHavoc

Copy link
Copy Markdown

Description

Adds ARM64 deployment variations for linux and windows platforms, mirroring
the darwin ARM64 support added in #435.

Type of change

  • New feature (non-breaking change which adds functionality)

  • data/abilities/command-and-control/2f34977d-9558-4c12-abad-349716777c6b.yml

    • Added architecture: AMD64 label to existing linux and windows variations for consistency with darwin
    • Added full ARM64 variation set for linux (curl + -H "architecture:arm64")
    • Added full ARM64 variation set for windows (PowerShell WebClient + .Headers.add("architecture","arm64"))

How Has This Been Tested?

Copy + Pasted Sandcat Agent code from UI on the following ARM based VMs. Successfully got beacons and was able to send instructions to the agent.

Tested on:

  • Linux ARM64 (e.g. Graviton / Raspberry Pi)
  • Windows ARM64

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code

Notes

Windows ARM64 sandcat binary may need to be cross-compiled separately if not
already present in payloads/. See build instructions in README.

@sonarqubecloud

sonarqubecloud Bot commented Apr 3, 2026

Copy link
Copy Markdown

@clenk

clenk commented Apr 3, 2026

Copy link
Copy Markdown
Contributor

#455 solves the same problem a different way...

@github-actions

github-actions Bot commented Jun 3, 2026

Copy link
Copy Markdown

This pull request is stale because it has had no activity for 60 days. Remove the stale label or comment or this will be closed in 60 days

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants