BYOB is an open-source project that provides a framework for security researchers and developers to build and operate a basic botnet to deepen their understanding of the sophisticated malware that infects millions of devices every year and spawns modern botnets, in order to improve their ability to develop counter-measures against these threats.
It is designed to allow developers to easily implement their own code and add cool new features without having to write a RAT (Remote Administration Tool) or a C2 (Command & Control server) from scratch.
The RAT’s key feature is that arbitrary code/files can be remotely loaded into memory from the C2 and executed on the target machine without writing anything to the disk.
Also ReadDrozer v2.4.4 – The Leading Security Assessment Framework For Android
usage: server.py [-h] [-v] [--host HOST] [--port PORT] [--database DATABASE]
Command & control server with persistent database and console
usage: client.py [-h] [-v] [--name NAME] [--icon ICON]
[--pastebin API] [--encrypt] [--obfuscate] [--compress] [--compile] host
port [module [module ...]]
Generate fully-undetectable clients with staged payloads, remote imports, and unlimited modules
./byob/modules/
directory automatically becomes remotely importable & directly usable by every client while your command & control server is running./byob/modules/
directory to make writing your own modules a straight-forward, hassle-free processPost-exploitation modules that are remotely importable by clients
byob.modules.keylogger
): logs the user’s keystrokes & the window name enteredbyob.modules.screenshot
): take a screenshot of current user’s desktopbyob.modules.webcam
): view a live stream or capture image/video from the webcambyob.modules.ransom
): encrypt files & generate random BTC wallet for ransom paymentbyob.modules.outlook
): read/search/upload emails from the local Outlook clientbyob.modules.packetsniffer
): run a packet sniffer on the host network & upload .pcap filebyob.modules.persistence
): establish persistence on the host machine using 5 different methodsbyob.modules.phone
): read/search/upload text messages from the client smartphonebyob.modules.escalate
): attempt UAC bypass to gain unauthorized administrator privilegesbyob.modules.portscanner
): scan the local network for other online devices & open portsbyob.modules.process
): list/search/kill/monitor currently running processes on the hostCore framework modules used by the generator and the server
byob.core.util
): miscellaneous utility functions that are used by many modulesbyob.core.security
): Diffie-Hellman IKE & 3 encryption modes (AES-256-OCB, AES-256-CBC, XOR-128)byob.core.loaders
): remotely import any package/module/scripts from the serverbyob.core.payloads
): reverse TCP shell designed to remotely import dependencies, packages & modulesbyob.core.stagers
): generate unique payload stagers to prevent analysis & detectionbyob.core.generators
): functions which all dynamically generate code for the client generatorbyob.core.database
): handles interaction between command & control server and the SQLite databaseBurrow is an open source tool for burrowing through firewalls, built by teenagers at Hack Club.…
Simple golang webserver that listens for basic auth or post requests and sends a notification…
Nutek Security Platform for macOS and Linux operating systems. Tools for hackers, bug hunters and…
Welcome to SecureSphere Labs, your go-to destination for a curated collection of powerful hacking tools…
All in one Docker-based workstation with hacking tools for Pentesting and offsec Labs by maintained…
Got it! Below is the updated README.md file with instructions for downloading the project on…