Malware
A collection of tools I've hacked together for CTFs and such
Please don't use these for illegal purposes. Also, encryption and authentication isn't guaranteed (and likely isn't present at all), so don't use these for anything outside of CTFs and maybe really light pentesting.
That's subject to change, though.
Contents
| Project | Description | Authentication | Encryption |
|---|---|---|---|
build.sh |
Build ALL the things! | N/A | N/A |
commands |
Handy commands | N/A | N/A |
fileserv |
HTTP-only fileserver | None | None |
ip74 |
Naked IP rat | None | 512-bit shared key |
ncserv |
Listener for nc shell | None | None |
plainshell |
Stealthy backdoor | None | None |
pasvcmd |
Sender for pasvmon |
Magic Number | None |
pasvmon |
Pcap-based rat | Magic Number | None |
runroot |
Make a root shell | N/A | N/A |
scripts |
Small scripts | N/A | N/A |
UDPCmd |
Lightweight Backdoor | Magic Number | XOR |
build.sh
To build the othe projects, assuming you have all the requisite compilers (C
and Go, for the moment), simply run ./build.sh from the current directory.
To remove the binaries: ./build.sh clean.
Binaries
Everything is distributed as source. For scripts, the source should be usable as-is. For compiled code (mostly or entirely go at the moment), there's no precompiled binaries in this repository.
I'm happy to make compiled binaries available as long as the following are met:
- Someone requests them from me. The best way to do this is probably via IRC. I tend to hang out on Freenode.
- Whoever requests them convinces me of the following: 1. They'll be used for legal purposes. 2. There's a good reason whoever's requesting them can't compile them.
- Windows isn't the OS for which the binaries are to be built.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent