Framework for creating and managing a botnet
- Various attack methods – automated messaging, phishing, social-engineering.
- Wide distribution channels – e-mail, SMS, messengers (Telegram, WhatsApp), social networks (Facebook, Instagram).
- Software distribution – send and auto-install software on recipients’ devices.
- Botnet management – centralized orchestration of infected devices.
- Stealth technologies – polymorphism, AV bypass, encryption, obfuscation.
- Data collection – steal passwords, payment details, browser data.
- Multi-platform – Windows · Linux · macOS · Android · iOS.
- Captcha bypass – built-in solver (CaptchaSolver).
- Self-protection – hide traces, defend against analysis.
- Monitoring & reports – collect statistics, generate work-done reports.
Prerequisites
- CMake + C/C++ compiler (GCC/Clang) – when building C++ via CMake
- Libraries (Boost, OpenSSL, …) – depending on project modules
- Docker – if containerization is required
The build script lives in ./scripts/build.sh:
./scripts/build.sh
# → executable appears in ./build/
./build/your_project_executable
Action | Script |
---|---|
Build | ./scripts/build.sh |
Tests | ./scripts/test.sh |
Load testing | ./scripts/load_test.sh |
Deploy | ./scripts/deploy.sh |
config/system.conf
log_level = INFO
max_threads = 10
config/bots.conf
task_type = DOWNLOAD
priority = HIGH
params = url:http://localhost/file.txt,destination:/tmp/file.txt
# Build image
docker build -t image -f docker/Dockerfile .
# Launch container
docker run -d -p 8080:8080 image
Topic | Highlights |
---|---|
Mass mailings | E-mail, SMS, Telegram, WhatsApp, Facebook, Instagram · Personalised templates |
Phishing / SE | Phishing URLs → fake sites · URL masking (shorteners, redirects) |
Software distribution | File attachments · Auto-download & install |
Botnet management | Central commands via BotNetManager · Auto-updates |
Stealthy distribution | AV bypass, polymorphism, encryption, obfuscation |
Data collection | Credentials, payment info → C2 |
OS support | Platform-specific exploits Windows / Linux / macOS / Android / iOS |
Captcha bypass | ML recognition or external services |
Self-protection | Auto-trace removal, encryption, obfuscation |
Monitoring & reporting | Mail open-rate, link clicks, summary reports |
- Master of Puppets: Analyzing And Attacking A Botnet For Fun And Profit – Cutwail/Pushdo architecture & C2 weaknesses. https://arxiv.org/abs/1511.06090
- Peer-to-Peer Botnets – survey of flat P2P botnet designs and detection. https://www.cs.ucf.edu/~czou/research/P2PBotnets-bookChapter.pdf
- Fast Flux 101 – how cyber-criminals rotate DNS to harden infrastructure. https://unit42.paloaltonetworks.com/fast-flux-101/
- Inside the Infamous Mirai IoT Botnet: A Retrospective Analysis – infection vectors & DDoS anatomy. https://blog.cloudflare.com/inside-mirai-the-infamous-iot-botnet-a-retrospective-analysis/
- D-LNBot: A Scalable, Cost-Free and Covert Hybrid Botnet on Bitcoin’s Lightning Network – embedding commands in LN payments. https://arxiv.org/abs/2112.07623
This repository is provided for educational purposes only and intended for authorized security research. Use of these materials in unauthorized or illegal activities is strictly prohibited.