Do It Yourself – Website Tutorials
BYOB is an open-source project that provides a framework for security researchers and developers to build and operate a basic botnet. The goal is to deepen their understanding of the sophisticated malware that infects millions of devices every year and spawns modern botnets, and so improve their ability to develop countermeasures against these threats.
It is designed to allow developers to easily implement their own code and add cool new features without having to write a RAT (Remote Administration Tool) or a C2 (Command & Control server) from scratch.
Disclaimer: This project should be used for authorized testing or educational purposes only.
Post-exploitation modules that are remotely importable by clients include:
Keylogger: logs the user’s keystrokes & the window name entered
Screenshot: take a screenshot of the current user’s desktop
Webcam: view a live stream or capture image/video from the webcam
Ransom: encrypt files & generate random BTC wallet for ransom payment (ransomware)
Outlook: read/search/upload emails from the local Outlook client
Packet Sniffer: run a packet sniffer on the host network & upload .pcap file
Persistence: establish persistence on the host machine using 5 different methods
Phone: read/search/upload text messages from the client smartphone
Escalate Privileges: attempt UAC bypass to gain unauthorized administrator privileges
Port Scanner: scan the local network for other online devices & open ports
Process Control: list/search/kill/monitor currently running processes on the host
iCloud: check for a logged-in iCloud account on macOS
Spreader: spread client to other hosts via emails disguised as a plugin update
Miner: run a cryptocurrency miner in the background (supports Bitcoin & Litecoin)
Credits to the author Daniel Vega-Myhre (Malwared LLC) for this project.
BYOB is available at https://github.com/malwaredllc/byob