Heist Subsystems

Since heist is built on pop it is comprosed of several plugin subsystems, or subs. Each sub is loaded using pop’s dynamic names interface and therefore can be extended using vertical app-merging or adding additional plugins directly to heist.

Heist Subsystem

The heist subsystem is used to create managers for specific daemons. Therefore if there is another agent that someone wanted to add to heist to make it disolvable and distributable via heist they would add a plugin to the heist subsystem.

The required functions to add a new managed agent to heist are:


This is the entry function. The run function is used to start the process of creating tunnels and sending daemon code to target systems.


The deploy function is used to deploy the desired code down to the target systems.


The update function is used to send an updated version of the dasired code down to the target system.


The clean function is called when heist gets shut down. This is used to send commands to the remote systems to shut down and clean up the agents.

Roster Subsystem

The roster subsystem is used to add ways to load up target system data. If it is desired to load roster data from an alternative source a roster can be easily added.

Rosters are very simple, they just need a single async function:


The read function is called to read in the roster data and returns the roster data structure. The roster data structure is a python dict following this structure:

  logincred: data
  logindata: data
  logincred: data
  logindata: data

Artifact Subsystem

The artifact system allows for code artifacts that will be deployed to target systems to be downloaded from an artifact source. The artifact source will be specific to the code that is being deployed. It is typical that an artifact plugin will be built in concert with a specific heist plugin.


Gather the available version data for the artifacts


Download the actual artifact and store it locally so it can be sent down with the heist subsystem.

Tunnel Subsystem

The tunnel subsystem is used to establish communication tunnels with target systems. If you want to use a system for tunneling other than ssh, or you want to use a different ssh backend, just make a new tunnel plugin! The tunnel plugin needs to be able to connect to remote systems, make network tunnels, copy files and execute commands.


Used to create the new tunnel instance on the hub. This is where the persistent connection or re-connection (if needed) logic is created.


The ability to send files to the target system is implemented here.


The ability to retrieve files from the target system is set up here.


This function runs shell commands on the target system


This function creates a network tunnel from ports on the target system back to ports on the source system


Properly destroy a connection.