BYOB is an open-source project that provides a framework for security researchers and developers to build and operate a basic botnet to deepen their understanding of the sophisticated malware that infects millions of devices every year and spawns modern botnets, in order to improve their ability to develop counter-measures against these threats.
It is designed to allow developers to easily implement their own code and add cool new features without having to write a RAT (Remote Administration Tool) or a C2 (Command & Control server) from scratch.
The RAT’s key feature is that arbitrary code/files can be remotely loaded into memory from the C2 and executed on the target machine without writing anything to the disk.
Also ReadDrozer v2.4.4 – The Leading Security Assessment Framework For Android
usage: server.py [-h] [-v] [--host HOST] [--port PORT] [--database DATABASE]
Command & control server with persistent database and console
usage: client.py [-h] [-v] [--name NAME] [--icon ICON]
[--pastebin API] [--encrypt] [--obfuscate] [--compress] [--compile] host
port [module [module ...]]
Generate fully-undetectable clients with staged payloads, remote imports, and unlimited modules
./byob/modules/
directory automatically becomes remotely importable & directly usable by every client while your command & control server is running./byob/modules/
directory to make writing your own modules a straight-forward, hassle-free processPost-exploitation modules that are remotely importable by clients
byob.modules.keylogger
): logs the user’s keystrokes & the window name enteredbyob.modules.screenshot
): take a screenshot of current user’s desktopbyob.modules.webcam
): view a live stream or capture image/video from the webcambyob.modules.ransom
): encrypt files & generate random BTC wallet for ransom paymentbyob.modules.outlook
): read/search/upload emails from the local Outlook clientbyob.modules.packetsniffer
): run a packet sniffer on the host network & upload .pcap filebyob.modules.persistence
): establish persistence on the host machine using 5 different methodsbyob.modules.phone
): read/search/upload text messages from the client smartphonebyob.modules.escalate
): attempt UAC bypass to gain unauthorized administrator privilegesbyob.modules.portscanner
): scan the local network for other online devices & open portsbyob.modules.process
): list/search/kill/monitor currently running processes on the hostCore framework modules used by the generator and the server
byob.core.util
): miscellaneous utility functions that are used by many modulesbyob.core.security
): Diffie-Hellman IKE & 3 encryption modes (AES-256-OCB, AES-256-CBC, XOR-128)byob.core.loaders
): remotely import any package/module/scripts from the serverbyob.core.payloads
): reverse TCP shell designed to remotely import dependencies, packages & modulesbyob.core.stagers
): generate unique payload stagers to prevent analysis & detectionbyob.core.generators
): functions which all dynamically generate code for the client generatorbyob.core.database
): handles interaction between command & control server and the SQLite databaseKali Linux 2024.4, the final release of 2024, brings a wide range of updates and…
This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…
GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…
Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…
The free and open-source security platform SecHub, provides a central API to test software with…
Don't worry if there are any bugs in the tool, we will try to fix…