[Vipgift19]

Sandman is a backdoor that is meant to work on hardened networks during red team engagements. Works as a stager and leverages NTP (a protocol to sync time & date) to get and run an arbitrary shellcode from a pre-defined server.
Since NTP is a protocol that is overlooked by many defenders resulting in wide network accessibility.

https://github.com/Idov31/Sandman