{% extends "layout.html" %}
{% block main %}
Disclaimer: This project should be used for authorized testing or educational purposes only.
BYOB is an open-source project that provides a framework for security researchers and developers to build and operate a basic botnet to deepen their understanding of the sophisticated malware that infects millions of devices every year and spawns modern botnets, in order to improve their ability to develop counter-measures against these threats.
It is designed to allow developers to easily implement their own code and add cool new features without having to write a RAT (Remote Administration Tool) or a C2 (Command & Control server) from scratch.
The RAT's key feature is that arbitrary code/files can be remotely loaded into memory from the C2 and executed on the target machine without writing anything to the disk.
Supports Python 2 & 3.
Generate fully-undetectable clients with staged payloads, remote imports, and unlimited post-exploitation modules
./byob/modules/ directory automatically becomes remotely importable & directly usable by every client while your command & control server is running
./byob/modules/ directory to make writing your own modules a straight-forward, hassle-free process

Post-exploitation modules that are remotely importable by clients
byob.modules.keylogger: logs the user’s keystrokes & the window name entered
byob.modules.screenshot: take a screenshot of current user’s desktop
byob.modules.outlook: read/search/upload emails from the local Outlook client
byob.modules.packetsniffer: run a packet sniffer on the host network & upload .pcap file
byob.modules.persistence: establish persistence on the host machine using 5 different methods
byob.modules.phone: read/search/upload text messages from the client smartphone
byob.modules.escalate: attempt UAC bypass to gain unauthorized administrator privileges
byob.modules.portscanner: scan the local network for other online devices & open ports
byob.modules.process: list/search/kill/monitor currently running processes on the host
byob.modules.icloud: check for logged in iCloud account on macOS

Command & control server with persistent database and console
Core framework modules used by the generator and the server
byob.core.util: miscellaneous utility functions that are used by many modules
byob.core.security: Diffie-Hellman IKE & 3 encryption modes (AES-256-OCB, AES-256-CBC, XOR-128)
byob.core.loaders: remotely import any package/module/scripts from the server
byob.core.payloads: reverse TCP shell designed to remotely import dependencies, packages & modules
byob.core.stagers: generate unique payload stagers to prevent analysis & detection
byob.core.generators: functions which all dynamically generate code for the client generator
byob.core.database: handles interaction between command & control server and the SQLite database
byob.core.handler: HTTP POST request handler for remote file uploads to the server