id: malwared-byob

info:
  name: Malwared (Build Your Own Botnet) - Detect
  author: pdteam
  severity: info
  description: |
    Detects the presence of the Malwared - Build Your Own Botnet tool on the target system.
  reference:
    - https://github.com/malwaredllc/byob
  metadata:
    shodan-query: http.favicon.hash:487145192
    fofa-query: icon_hash="487145192"
  tags: panel,malware,byob,botnet,oss,detect

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers:
      - type: word
        words:
          - "Build Your Own Botnet"
          - "Post-Exploitation Framework"
          - "malwaredllc/byob"
# digest: 4b0a00483046022100b8584abcfc72a91236ce180d68f0bb857d6a529942b2440e599826417be95a5e022100dee2345193e5597ecfad9b7f5f748b8f7f42025a90bb7a671cc08126aefa6f42:922c64590222798bb761d5b6d8e72950