A POC HTTP Botnet designed to replicate a full weaponised commercial botnet
Disclaimer
This project should be used for authorized testing or educational purposes only.
The main objective behind creating this offensive project was to aid security researchers and to enhance the understanding of commercial HTTP loader style botnets . I hope this project helps to contribute to the malware research community and people can develop efficient counter mesures 🙂
Usage of uboat without prior mutual consistency can be considered as an illegal activity. It is the final user’s responsibility to obey all applicable local, state and federal laws. Authors assume no liability and are not responsible for any misuse or damage caused by this program.
What is a Botnet ?
https://securityaffairs.co/wordpress/13747/cyber-crime/http-botnets-the-dark-side-of-an-standard-
Features
- Coded in C++ with no dependencies
- Encrypted C&C Communications
- Persistence to prevent your control being lost
- Connection Redundancy (Uses a fallback server address or domain )
- DDoS methods (TCP & UDP Flood)
- Task Creation System ( Altering system HWID,Country,IP,OS.System )
- Remote Commands
- Update and Uninstall other malware
- Download and Execute other malware
- Active as well as Passive Keylogger
- Enable Windows RDP
- Plugin system for easy feature updates
Getting started ?
- Download the bot from https://github.com/Souhardya/UBoat/releases
- Follow the wiki at https://github.com/Souhardya/UBoat/wiki
TODO :-
- Fix minor panel bugs
- Make the authentication system more efficient
Project maintained by
- Souhardya Sardar ( [email protected])
- Tuhinshubhra aka r3dhax0r ( https://github.com/Tuhinshubhra )
- Team Virtually Unvoid Defensive ( https://github.com/virtuallyud )
Screens :
