{"id":23460727,"url":"https://github.com/littleatarixe/draconus","last_synced_at":"2026-05-05T14:08:52.893Z","repository":{"id":269078432,"uuid":"904012900","full_name":"LittleAtariXE/Draconus","owner":"LittleAtariXE","description":"Malware, Shellcode builder with C2, tools and compilers. Easily create your own malware, small or large.","archived":false,"fork":false,"pushed_at":"2025-03-20T22:44:35.000Z","size":1448,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-12T02:13:01.380Z","etag":null,"topics":["assembly","c2","compilers","ddos","keylogger","malware","malware-development","python3","ransomware","rat","shellcode","stealer"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/LittleAtariXE.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-12-16T04:49:42.000Z","updated_at":"2025-03-14T18:22:16.000Z","dependencies_parsed_at":null,"dependency_job_id":"54ac7a7e-5059-4934-a07b-67f25e3536e0","html_url":"https://github.com/LittleAtariXE/Draconus","commit_stats":null,"previous_names":["littleatarixe/draconus"],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LittleAtariXE%2FDraconus","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LittleAtariXE%2FDraconus/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LittleAtariXE%2FDraconus/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LittleAtariXE%2FDraconus/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/LittleAtariXE","download_url":"https://codeload.github.com/LittleAtariXE/Draconus/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248505925,"owners_count":21115354,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["assembly","c2","compilers","ddos","keylogger","malware","malware-development","python3","ransomware","rat","shellcode","stealer"],"created_at":"2024-12-24T07:16:54.753Z","updated_at":"2026-05-05T14:08:52.866Z","avatar_url":"https://github.com/LittleAtariXE.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003c!DOCTYPE markdown\u003e\n\u003chtml\u003e\n\u003chead\u003e\n\u003c/head\u003e\n\u003cbody\u003e\n\n\u003cdiv id=\"Draconus\"\u003e\n    \u003ch1 align=\"center\"\u003eDraconus\u003c/h1\u003e\n    \u003cp align=\"center\"\u003e\n        \u003cimg src=\"img/logo1.webp\" alt=\"Logo Projektu\" width=\"300\"\u003e\n    \u003c/p\u003e\n    \u003ch4 align=\"center\"\u003eEvery USER should have a Cyber Weapon to defend himself.\u003c/h4\u003e\n    \u003ch5 align=\"center\"\u003eThe project has a new version.\u003c/h5\u003e\n    \u003ch4 align=\"center\"\u003e\u003ca href=\"https://github.com/LittleAtariXE/Draconus-2\"\u003eDraconus 2\u003c/a\u003e\u003c/h4\u003e\n    \u003cbr/\u003e\n    \u003cp align=\"center\"\u003eThis project serves as a comprehensive toolkit designed to introduce fundamental concepts in ethical hacking and malware creation. It offers tools and functionalities for creating shellcodes, basic malware, code obfuscation, and code packing into single lines, providing an engaging way to explore malware techniques responsibly.\u003c/p\u003e\n    \u003ch2\u003eFeatures and Advantages\u003c/h2\u003e\n    \u003cul\u003e\n        \u003cli\u003e\u003cstrong\u003eShellcode Generation\u003c/strong\u003e: Create custom shellcodes for testing and experimentation.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eSimple Malware Creation\u003c/strong\u003e: Build your own malware and choose the modules yourself.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eVarious Code Obfuscation Methods\u003c/strong\u003e: Additional modules responsible for code obfuscation.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eCross Compilation\u003c/strong\u003e: Capability to build ready-to-use EXE and DLL files from a Linux environment.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003ePython Cross Compilation\u003c/strong\u003e: Capability to create ready-to-use EXE files using Nuitka and PyInstaller from a Linux environment.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eBuilt-in C2\u003c/strong\u003e: Ability to create various server types supporting multiple simultaneous connections.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eSpecial Compilation Scripts\u003c/strong\u003e: Ability to add information to compiled files using a database.\u003c/li\u003e\n    \u003c/ul\u003e\n\u003cdiv\u003e\n\u003cdiv id=\"Disclaimer\"\u003e\n    \u003ch2\u003eDisclaimer\u003c/h2\u003e\n    \u003cp\u003e\n    \u003cstrong\u003eThis toolkit is developed solely for ethical and educational purposes to deepen understanding of malware creation and analysis. Using this tool to target other users, conduct attacks without prior consent, or apply it in unauthorized environments is strictly forbidden. The responsibility for proper use rests entirely on the user. Caution is advised! Misuse could harm your system or other users. We highly recommend using this tool within isolated virtual machines.\u003c/strong\u003e\n    \u003c/p\u003e\n\u003c/div\u003e\n\u003cdiv id=\"Warning\"\u003e\n    \u003ch2\u003e⚠️ Important Warning\u003c/h2\u003e\n    \u003cp\u003e\u003cstrong\u003eIt is highly recommended to use Draconus and any worms you create in isolated virtual machines with a dedicated network.\u003c/strong\u003e\u003c/p\u003e\n    \u003cp\u003eSome modules, such as \u003ccode\u003ePyVir\u003c/code\u003e or \u003ccode\u003ePanther\u003c/code\u003e, can infect files or destroy a system after a single execution. The same applies to modules designed for DDOS attacks.\u003c/p\u003e\n    \u003cp\u003eUse this tool wisely to avoid unintentionally causing harm to yourself or others.\u003c/p\u003e\n\u003c/div\u003e\n\u003cdiv id=\"tutorial_link\"\u003e\n    \u003ch2\u003eDraconus Tutorials\u003c/h2\u003e\n    \u003cp\u003e***** \u003ca href=\"https://github.com/LittleAtariXE/Draconus_Tutorials\"\u003eTUTORIALS\u003c/a\u003e *****\u003c/p\u003e\n\u003c/div\u003e\n\u003cdiv id=\"Contents\"\u003e\n    \u003ch2\u003eContents\u003c/h2\u003e\n    \u003cul\u003e\n        \u003cli\u003e\u003ca href=\"#Draconus\"\u003eDraconus\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#Disclaimer\"\u003eDisclaimer\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#Warning\"\u003eImportant Warning\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#About\"\u003eAbout Draconus\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#Install\"\u003eInstall\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#Start\"\u003eStart\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#First_Step\"\u003eFirst Step\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#Hive\"\u003eHive\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#\"\u003eMy First Rat\u003c/a\u003e\n            \u003col\u003e\u003ca href=\"https://github.com/LittleAtariXE/Draconus_Tutorials\"\u003ePlease see Tutorials\u003c/a\u003e\u003c/a\u003e\u003c/ol\u003e\n        \u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#AboutProject\"\u003eAbout The Project\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#Features\"\u003eProject Features\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"#Changelog\"\u003eChangelog\u003c/a\u003e\u003c/li\u003e\n        \u003cli\u003e\u003ca href=\"https://github.com/LittleAtariXE/Draconus_Tutorials\"\u003eTutorials\u003c/a\u003e\u003c/li\u003e\n    \u003c/ul\u003e\n\u003c/div\u003e\n\u003cdiv id=\"About\"\u003e\n    \u003ch2\u003eAbout Draconus\u003c/h2\u003e\n    \u003cp\u003e\u003cstrong\u003eDraconus\u003c/strong\u003e is a robust program consisting of two sub-programs designed for streamlined server management and client interaction. It offers an automated approach to managing connections, messages, and file transfers without requiring user intervention, making it a powerful tool for ethical hacking and controlled testing environments.\u003c/p\u003e\n    \u003ch3\u003eProgram Structure\u003c/h3\u003e\n    \u003cul\u003e\n        \u003cli\u003e\u003cstrong\u003eBackground Program\u003c/strong\u003e: The first sub-program runs in the background, handling server operations and managing client connections automatically. This design allows for seamless, automated tasks, such as accepting connections, receiving messages, and file handling, all without needing manual input.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eControl Program\u003c/strong\u003e: The second sub-program serves as the user interface, connecting to the background program. Built with the \u003ccode\u003ePython Click\u003c/code\u003e interface, it provides the user with interactive control over various functions, enabling flexible and precise management.\u003c/li\u003e\n    \u003c/ul\u003e\n    \u003ch3\u003eMain Sections\u003c/h3\u003e\n    \u003cul\u003e\n        \u003cli\u003e\u003cstrong\u003eMain Draconus Section\u003c/strong\u003e: Responsible for creating and managing servers, handling connections, and overseeing core operations.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eHive Section\u003c/strong\u003e: Specializes in creating and compiling ready-to-use client programs, making it easy to deploy new clients as needed.\u003c/li\u003e\n    \u003c/ul\u003e\n\u003c/div\u003e\n\u003cdiv id=\"Install\"\u003e\n    \u003ch2\u003eInstallation\u003c/h2\u003e\n    \u003col\u003e\n        \u003cli\u003eEnsure you have Python 3.11.2 or a newer version installed on your system.\u003c/li\u003e\n        \u003cli\u003eInstall Docker (e.g., using the following command):\n            \u003cpre\u003e\u003ccode\u003esudo apt install docker.io\u003c/code\u003e\u003c/pre\u003e\n        \u003c/li\u003e\n        \u003cli\u003eTo allow the program to interact with Docker, you need to set the appropriate permissions. Run:\n            \u003cpre\u003e\u003ccode\u003esudo usermod -aG docker $USER\u003c/code\u003e\u003c/pre\u003e\n            Afterward, log out and back in (or restart your system) to apply the new permissions.\n        \u003c/li\u003e\n        \u003cli\u003eDue to the recent policy changes in Python modules on Linux, make sure you have Python’s virtual environment package, \u003ccode\u003evenv\u003c/code\u003e, installed. If not, install it with:\n            \u003cpre\u003e\u003ccode\u003esudo apt install python3.11-venv\u003c/code\u003e\u003c/pre\u003e\n        \u003c/li\u003e\n        \u003cli\u003eNavigate to the \u003ccode\u003eDraconus\u003c/code\u003e directory:\n            \u003cpre\u003e\u003ccode\u003ecd Draconus\u003c/code\u003e\u003c/pre\u003e\n        \u003c/li\u003e\n        \u003cli\u003eCreate a virtual environment:\n            \u003cpre\u003e\u003ccode\u003epython3 -m venv ./venv\u003c/code\u003e\u003c/pre\u003e\n        \u003c/li\u003e\n        \u003cli\u003eActivate the virtual environment:\n            \u003cpre\u003e\u003ccode\u003esource ./venv/bin/activate\u003c/code\u003e\u003c/pre\u003e\n        \u003c/li\u003e\n        \u003cli\u003eInstall the project dependencies:\n            \u003cpre\u003e\u003ccode\u003epip install -r requirements.txt\u003c/code\u003e\u003c/pre\u003e\n        \u003c/li\u003e\n    \u003c/ol\u003e\n    \u003cp\u003eThe installation is complete, and your environment is ready to use.\u003c/p\u003e\n\u003c/div\u003e\n\u003cdiv id=\"Start\"\u003e\n    \u003ch2\u003eGetting Started\u003c/h2\u003e\n    \u003cp\u003eBefore running the program, edit the \u003ccode\u003eCONFIG.ini\u003c/code\u003e file. This file contains configuration settings with explanations. The main setting to update is \u003ccode\u003eIP\u003c/code\u003e, where you should enter the IP address of the computer or virtual machine that will run Draconus. After saving your changes, you can proceed with launching the program.\u003c/p\u003e\n    \u003cp\u003e\u003cstrong\u003eDraconus\u003c/strong\u003e consists of two main components: \u003ccode\u003eDraconus\u003c/code\u003e and \u003ccode\u003eCommander\u003c/code\u003e. Follow these steps to launch both programs correctly:\u003c/p\u003e\n    \u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Before launching the programs, you need to activate the virtual environment. Draconus can be run without activating the virtual environment, but Commander requires an active \u003ccode\u003evenv\u003c/code\u003e. To activate the \u003ccode\u003evenv\u003c/code\u003e, navigate to the \u003ccode\u003eDraconus\u003c/code\u003e directory and execute:\n        \u003cpre\u003e\u003ccode\u003esource ./venv/bin/activate\u003c/code\u003e\u003c/pre\u003e\n    \u003c/p\u003e\n    \u003col\u003e\n        \u003cli\u003e\u003cstrong\u003eStart Draconus\u003c/strong\u003e: Run Draconus with the command:\n            \u003cpre\u003e\u003ccode\u003epython3 Draconus.py\u003c/code\u003e\u003c/pre\u003e\n            Since Draconus is designed to operate in the background, you can also launch it as a background process using:\n            \u003cpre\u003e\u003ccode\u003enohup python3 Draconus.py \u0026\u003c/code\u003e\u003c/pre\u003e\n        \u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eStart Commander\u003c/strong\u003e: After Draconus is running, launch Commander with:\n            \u003cpre\u003e\u003ccode\u003epython3 Commander.py\u003c/code\u003e\u003c/pre\u003e\n            Commander will attempt to connect to Draconus upon startup. If Draconus is not running, Commander will display an error message and will not launch until it detects an active Draconus instance.\n        \u003c/li\u003e\n    \u003c/ol\u003e\n\u003c/div\u003e\n\u003cdiv id=\"First_Step\"\u003e\n    \u003ch2\u003eFirst Steps\u003c/h2\u003e\n    \u003cp\u003eOnce Commander has connected to Draconus, you will have access to a console menu resembling a Linux terminal. This interface allows you to manage connections, create servers, and establish direct connections with clients. The \u003ccode\u003ehelp\u003c/code\u003e menu is always available, and many commands can be run with the \u003ccode\u003e--help\u003c/code\u003e parameter for additional assistance.\u003c/p\u003e\n    \u003ch3\u003eServer Types\u003c/h3\u003e\n    \u003cp\u003eYou can create four main types of servers:\u003c/p\u003e\n    \u003cul\u003e\n        \u003cli\u003e\u003cstrong\u003eDefault\u003c/strong\u003e: Communicates via TCP socket, with data formatted in JSON and encoded in base64. This server type is recommended for advanced communication, background file transfers, and automated tasks with clients that require no user intervention.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eRaw\u003c/strong\u003e: Uses TCP socket but sends raw bytes, allowing for simple message reading and file reception (one at a time) without metadata such as name or type. Ideal for lightweight client programs that don't require complex communication.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eDown\u003c/strong\u003e: Designed solely for receiving files, without support for messages, commands, or other functionalities.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eSend\u003c/strong\u003e: A server designed only to send files to the client. It does not support messages or commands. When a connection is established, it automatically sends the set files.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eb64\u003c/strong\u003e: TCP server. Receives and sends base64 encoded messages.\u003c/li\u003e\n    \u003c/ul\u003e\n    \u003ch3\u003eMake Servers:\u003c/h3\u003e\n    \u003cp\u003eServers can be created using the following format:\u003c/p\u003e\n    \u003cpre\u003e\n    server [name] [port]\n    \u003c/pre\u003e\n    \u003cp\u003eor:\u003c/p\u003e\n    \u003cpre\u003e\n    server [name] [port] -t [type]\n    \u003c/pre\u003e\n    \u003cp\u003eFor example:\u003c/p\u003e\n    \u003cpre\u003e\n    server my_server 4444 -t raw\n    \u003c/pre\u003e\n    \u003cp\u003eIf you don't specify a server type, the default type will be selected automatically.\u003c/p\u003e\n    \u003cp\u003eServers start automatically after creation and wait for incoming connections from clients. Each server can handle multiple connections simultaneously, so you are not limited to a single connection. Draconus provides access to manage all connected clients, assigning a unique global ID to each client. Servers also automatically detect when a client disconnects and clean up its connection from the program.\u003c/p\u003e\n    \u003ch3\u003eExiting the Program\u003c/h3\u003e\n    \u003cp\u003eThe program can be terminated using two commands: \u003ccode\u003eexit\u003c/code\u003e or \u003ccode\u003equit\u003c/code\u003e.\u003c/p\u003e\n    \u003cul\u003e\n    \u003cli\u003e\n        \u003cstrong\u003eexit\u003c/strong\u003e - Stops the Commander program. The program closes, but Draconus continues to run in the background. \n        It can still accept connections, send and receive files from clients. \n        When you restart Commander, it will reconnect to the running Draconus, and any pending actions or messages will be displayed on the screen.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003equit\u003c/strong\u003e - Stops both Commander and Draconus. It sends a termination signal to Draconus, \n        shutting down both programs completely.\n    \u003c/li\u003e\n    \u003c/ul\u003e\n    \u003ch3\u003eAdditional Commands\u003c/h3\u003e\n    \u003cul\u003e\n    \u003cli\u003e\n        \u003cstrong\u003eclose\u003c/strong\u003e - Shuts down the specified server and disconnects all connected clients. \n        For example: \u003ccode\u003eclose my_server\u003c/code\u003e.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003etask\u003c/strong\u003e - Displays all tasks currently being performed by Draconus. \n        These include threads actively running within the program.\n    \u003c/li\u003e\n     \u003cli\u003e\n        \u003cstrong\u003econn\u003c/strong\u003e - Enters interaction mode with a connected client. \n        This allows you to send commands, files, and more. Each connected client is assigned a unique ID by Draconus, which is used for identification. \n        To initiate communication with a client, use the command \u003ccode\u003econn [ID]\u003c/code\u003e, for example: \u003ccode\u003econn 3\u003c/code\u003e.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003eshow\u003c/strong\u003e - Displays a list of created servers and connected clients.\n        \u003cul\u003e\n        \u003cli\u003e\u003cstrong\u003e-s\u003c/strong\u003e - Shows a list of created servers.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003e-c\u003c/strong\u003e - Displays a list of all connected clients across all servers.\u003c/li\u003e\n        \u003c/ul\u003e\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003ehive\u003c/strong\u003e - Accesses a new section of the program with additional commands, menus, and options. \n        This is where you can create worms.\n    \u003c/li\u003e\n    \u003c/ul\u003e\n    \u003ch3\u003eFirst Run\u003c/h3\u003e\n    \u003cp\u003eWhen you start Draconus, a directory named \u003ccode\u003eOUTPUT\u003c/code\u003e will appear in its main directory. This is a critical folder where Draconus stores its logs, downloaded files, created worms, and more. Do not delete this directory while the program is running. You can safely delete it only when both Draconus and Commander are stopped.\u003c/p\u003e\n    \u003ch4\u003eContents of the \u003ccode\u003eOUTPUT\u003c/code\u003e Directory:\u003c/h4\u003e\n    \u003cul\u003e\n    \u003cli\u003e\n        \u003cstrong\u003eLogs\u003c/strong\u003e - This folder contains log files. Every message displayed by Draconus is saved here, along with a timestamp. \n        Similarly, any message received from clients is also logged.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003eLOOT\u003c/strong\u003e - This folder stores files downloaded from or sent by clients. It will contain subdirectories named after the IP addresses of clients, which will hold the files sent by them. \n        Additionally, a \u003ccode\u003edump\u003c/code\u003e subdirectory will store files that could not be identified during download. For example, if a client sends a file without headers or metadata (e.g., name, type), it will end up here. \n        Think of the \u003ccode\u003eLOOT\u003c/code\u003e folder as the treasure chest for files received from clients.\n    \u003c/li\u003e\n    \u003cli\u003e\n    \u003cstrong\u003eHive\u003c/strong\u003e - This folder contains files related to worms, source code, shellcodes, and ready-to-use executables. \n    If you create a worm, it will be stored here.\n  \u003c/li\u003e\n  \u003cli\u003e\n        \u003cstrong\u003eShortcuts\u003c/strong\u003e - This folder provides shortcuts to various useful resources in the project, so you don't have to search for them manually. \n        It includes:\n        \u003cul\u003e\n        \u003cli\u003eA folder with icons where you can add your own icons and use them when creating worms.\u003c/li\u003e\n        \u003cli\u003eA shortcut to files where you can add custom code, for example, to payloads.\u003c/li\u003e\n        \u003c/ul\u003e\n  \u003c/li\u003e\n    \u003c/ul\u003e\n    \u003cp\u003eAdditional directories may also appear in the \u003ccode\u003eOUTPUT\u003c/code\u003e folder, depending on the tools you use in Draconus. \nInstructions for new directories will be displayed within the program. Similarly, subdirectories may contain additional files as you use the program. \nFor example, many shortcuts in the \u003ccode\u003eShortcuts\u003c/code\u003e folder are only created after you access the \"hive\" section in Draconus.\u003c/p\u003e\n\u003c/div\u003e\n\u003cdiv id=\"Hive\"\u003e\n    \u003ch2\u003eHive\u003c/h2\u003e\n    \u003cp\u003eThe \u003cstrong\u003eHive\u003c/strong\u003e section is where you create worms. Worms are generated by selecting a main template from the \u003ccode\u003eworm\u003c/code\u003e section. Depending on the type of worm, some allow the addition of extra modules, payloads, and even code obfuscation, while others only support adding payloads.\u003c/p\u003e\n    \u003cp\u003eAfter selecting the appropriate modules, the process moves to filling out the so-called variables, such as IP address, connection port, and more. Many modules are configurable, and everything is clearly described with example values provided to make configuration straightforward.\u003c/p\u003e\n    \u003ch3\u003eMain Modules for Building Worms\u003c/h3\u003e\n    \u003cul\u003e\n    \u003cli\u003e\n        \u003cstrong\u003eworm\u003c/strong\u003e - The main template. This is the first module that must be added. \n        It determines the type of worm you are creating and which additional modules can be used. \n        There are versions that support every type of module, but there are also smaller worms written in assembler, \n        allowing for the addition of simple scripts, and so on. \n        In general, you can create an executable file that weighs over 10 MB or a mini worm with a file size of around 3 KB.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003emodule\u003c/strong\u003e - A variety of modules that add different functionalities to your worms. \n        These can include selecting a TCP connection method, connecting via Discord webhook, network scanning, launching a shell, and more. \n        Each module comes with a detailed description of its purpose and functionality.\n    \u003c/li\u003e\n     \u003cli\u003e\n        \u003cstrong\u003epayload\u003c/strong\u003e - Various types of payloads written in Python, PowerShell, or as executable files for testing. \n        Some modules and worms allow embedding a binary (executable) file within the worm itself, which can then be executed later.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003eshadow\u003c/strong\u003e - Code obfuscation options. The final code undergoes various processes to make analysis more difficult. \n        You can use multiple obfuscation modules to make the code even harder to analyze.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003estarter\u003c/strong\u003e - The final method of embedding code into the program. \n        For example, you can choose to place the entire code at the very end, encoded in Base64, and run it as a one-liner.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003ewrapper\u003c/strong\u003e - An additional option that allows embedding the entire worm code into another program. \n        For example, the worm is built using Python modules, but instead of being compiled directly, \n        it is embedded into assembler code. The assembler code is then compiled, and it executes the Python worm code.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003eprocess\u003c/strong\u003e - Defines the steps the worm will go through until it is fully created. \n        These steps include code generation, obfuscation, adding imports, compilation, and shellcode creation. \n        The processes vary depending on the main worm template. For example, a worm designed for shellcodes \n        will have different steps compared to one created in Python.\n        \u003cp\u003eIt is not recommended to modify the default processes unless you are already familiar with the program and understand what you are doing.\u003c/p\u003e\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003ecscript\u003c/strong\u003e - Special scripts used during compilation. They add information to EXE and DLL files, such as version numbers, company names, etc. You can create your own custom entries or use entries from a predefined database.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003efood\u003c/strong\u003e - You could say it's food for the worm. These are special variables that contain pre-defined values. When building a worm, it may need things like text to hide shellcode, base URLs, or other resources — these are fetched from the Food section.\n        Food values can be assigned to variables, making it a convenient tool when you want to store a collection of paths, text, shellcode, scripts, etc.\n        In the shortcuts directory, you'll find references to some Food variables that you can modify — and those changes will be reflected in the worms you create.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003escode\u003c/strong\u003e - Templates used to generate shellcode.\n    \u003c/li\u003e\n    \u003c/ul\u003e\n    \u003ch3\u003eHive Commands\u003c/h3\u003e\n    \u003cul\u003e\n    \u003cli\u003e\n        \u003cstrong\u003eshow\u003c/strong\u003e - Displays a list with descriptions of available modules. \n        \u003cbr\u003eUsage: \u003ccode\u003eshow [module_type]\u003c/code\u003e, e.g., \u003ccode\u003eshow worm\u003c/code\u003e. \n        \u003cbr\u003eYou must specify the module type, such as \u003ccode\u003eworm\u003c/code\u003e, \u003ccode\u003emodule\u003c/code\u003e, \u003ccode\u003epayload\u003c/code\u003e, etc.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003eadd\u003c/strong\u003e - Adds a module to your template. \n        \u003cbr\u003eUsage: \u003ccode\u003eadd [module_type] [name]\u003c/code\u003e, e.g., \u003ccode\u003eadd module Binky\u003c/code\u003e. \n        \u003cbr\u003eThe first module to be added must always be one of the main modules, such as \u003ccode\u003eworm\u003c/code\u003e.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003eremove\u003c/strong\u003e - Removes a specified module from your worm. \n        \u003cbr\u003eUsage: \u003ccode\u003eremove [module_type] [name]\u003c/code\u003e, e.g., \u003ccode\u003eremove payload MicroRat\u003c/code\u003e.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003ename\u003c/strong\u003e - Sets the name of the worm being created. \n        \u003cbr\u003eUsage: \u003ccode\u003ename [worm_name]\u003c/code\u003e, e.g., \u003ccode\u003ename MyFirstWorm\u003c/code\u003e. \n        \u003cbr\u003eA directory with the worm's name will appear in the \u003ccode\u003eHive\u003c/code\u003e folder, where its final files will be stored.\n    \u003c/li\u003e\n     \u003cli\u003e\n        \u003cstrong\u003eicon\u003c/strong\u003e - Sets an icon for the executable file. \n        \u003cbr\u003eUsage: \u003ccode\u003eicon [file_name]\u003c/code\u003e, e.g., \u003ccode\u003eicon bee1.ico\u003c/code\u003e. \n        \u003cbr\u003eYou can add additional icons to the folder whose shortcut is located in the \u003ccode\u003eShortcuts\u003c/code\u003e directory. \n        Draconus includes several default icons that you can use.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003eworm\u003c/strong\u003e - Displays the entire configuration of the worm being created. \n        \u003cbr\u003eUsage: \u003ccode\u003eworm\u003c/code\u003e.\n        \u003cbr\u003eIt shows added modules, descriptions, required variables to fill in, and more. This is the main command for overseeing the building process.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003evar\u003c/strong\u003e - Sets variables for the worm being created. \n        \u003cbr\u003eUsage: \u003ccode\u003evar [name] '[value]'\u003c/code\u003e, e.g., \u003ccode\u003evar ip_addr \"192.168.1.1\"\u003c/code\u003e. \n        \u003cbr\u003eVariables depend on the type of worm being created and the modules added. Some modules require additional variables. \n        You can modify all variables listed in the \u003ccode\u003erequired variables\u003c/code\u003e and \u003ccode\u003eset variables\u003c/code\u003e sections.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003erebuild\u003c/strong\u003e - Clears all modules and resets the entire worm. \n        \u003cbr\u003eUsage: \u003ccode\u003erebuild\u003c/code\u003e. \n        \u003cbr\u003eThis allows you to start a new project from scratch.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003ecomp\u003c/strong\u003e - Displays a list of available compilers. \n        \u003cbr\u003eUsage: \u003ccode\u003ecomp\u003c/code\u003e. \n        \u003cbr\u003eNot all worms can use all compilers. This command lets you view the name and description of each compiler so you can choose the appropriate one for your worm. \n        Worms have default compilers set, such as \u003ccode\u003ePyInstaller\u003c/code\u003e for Python worms, but you can switch to others, like \u003ccode\u003eNuitka\u003c/code\u003e.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003einstall\u003c/strong\u003e - Installs the required compilers. \n        \u003cbr\u003eUsage: \u003ccode\u003einstall\u003c/code\u003e or \u003ccode\u003einstall -i [master_compiler_name]\u003c/code\u003e. \n        \u003cbr\u003eDraconus is installed without compilers by default. You need to install compilers as you use the program. \n        You don't have to install all compilers, especially if you don't plan to create files for certain systems. \n        However, some functionalities, such as building shellcode, are not possible without specific compilers.\n        \u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Installing additional compilers involves downloading special Docker images, which can take up extra disk space. \n        For example, the compiler for creating Windows EXE files from Python takes approximately 3.5 GB.\u003c/p\u003e\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003edlc\u003c/strong\u003e - Installs additional modules. \n        \u003cbr\u003eUsage: \u003ccode\u003edlc -s\u003c/code\u003e or \u003ccode\u003edlc -i [dlc_name]\u003c/code\u003e, e.g., \u003ccode\u003edlc -i \"DLC_1\"\u003c/code\u003e. \n        \u003cbr\u003eDraconus allows adding extra modules over time without requiring you to download or install a new version of the program. \n        To install a DLC, place the package in the \u003ccode\u003eIN\u003c/code\u003e folder that appears in Draconus's main directory.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003esheme\u003c/strong\u003e - Displays a list of processes and steps available for worms. \n        \u003cbr\u003eUsage: \u003ccode\u003esheme\u003c/code\u003e. \n        \u003cbr\u003eThis is primarily for informational purposes to help you understand the worm-building process if you want to customize it.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003egvar\u003c/strong\u003e - Displays a list of global options. \n        \u003cbr\u003eUsage: \u003ccode\u003egvar\u003c/code\u003e. \n        \u003cbr\u003eThese are special options you can configure, such as changing the default compiler for worms or applying additional compilation options.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003esetgvar\u003c/strong\u003e - Sets a global option. \n        \u003cbr\u003eUsage: \u003ccode\u003esetgvar [name] [value]\u003c/code\u003e, e.g., \u003ccode\u003esetgvar COMPILER_NAME WinePyNuitka\u003c/code\u003e.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003eexit\u003c/strong\u003e - Exits the Hive console and returns to the Draconus console. \n        \u003cbr\u003eUsage: \u003ccode\u003eexit\u003c/code\u003e.\n    \u003c/li\u003e\n    \u003cli\u003e\n        \u003cstrong\u003ebuild\u003c/strong\u003e - Starts building the worm into an executable file. \n        \u003cbr\u003eUsage: \u003ccode\u003ebuild\u003c/code\u003e or \u003ccode\u003ebuild --options\u003c/code\u003e, e.g., \u003ccode\u003ebuild --no_compile\u003c/code\u003e. \n        \u003cbr\u003eIf the \u003ccode\u003e--no_compile\u003c/code\u003e option is used, the executable file will not be created; instead, you will receive a file with the raw code.\n    \u003c/li\u003e\n    \u003c/ul\u003e\n    \u003cp\u003eMany commands offer additional help, accessible with the \u003ccode\u003e--help\u003c/code\u003e option, e.g., \u003ccode\u003ebuild --help\u003c/code\u003e.\u003c/p\u003e\n\u003c/div\u003e\n\u003cdiv id=\"AboutProject\"\u003e\n    \u003ch3\u003eAbout the Project\u003c/h3\u003e\n    \u003cp\u003eI understand and acknowledge that the techniques presented in this project are amateur and, for some, may seem primitive. However, I developed this project while teaching myself how all of this is actually created.\u003c/p\u003e\n    \u003cp\u003eI do not work in IT and have never worked in the field. I’m not a professional programmer—just a hobbyist. I’m aware that the entire project could probably be done much better: the code could be written more efficiently, better libraries could be used, and so on. But for me, what matters most is that it works.\u003c/p\u003e\n    \u003cp\u003eThe project will continue to evolve, and over time I plan to add new tools and modules.\u003c/p\u003e\n\u003c/div\u003e\n\u003cdiv id=\"Features\"\u003e\n    \u003ch2\u003e🚀 Planned Features\u003c/h2\u003e\n    \u003cp\u003eIn version 1.0, I focused primarily on building and testing Draconus. Less attention was given to creating various modules.\u003c/p\u003e\n    \u003cp\u003eIn future versions, I plan to add the following:\u003c/p\u003e\n    \u003cul\u003e\n    \u003cli\u003eMore payloads written in PowerShell.\u003c/li\u003e\n    \u003cli\u003eMore Python-based worms with different functionalities.\u003c/li\u003e\n    \u003cli\u003eAdditional types of DDOS attacks.\u003c/li\u003e\n    \u003cli\u003eSupport for building Windows shellcode.\u003c/li\u003e\n    \u003cli\u003eAbility to create DLL files. - DONE\u003c/li\u003e\n    \u003cli\u003eMore DLL files.\u003c/li\u003e\n    \u003c/ul\u003e\n\u003c/div\u003e\n\u003cdiv id=\"Changelog\"\u003e\n    \u003ch2\u003eChangelog\u003c/h2\u003e\n    \u003cul\u003e\n        \u003cli\u003e\n            \u003ch3\u003eDraconus 1.0\u003c/h3\u003e\n            \u003cp\u003eStart Project\u003c/p\u003e\n        \u003c/li\u003e\n        \u003cli\u003e\n            \u003ch3\u003eDraconus 1.0.1\u003c/h3\u003e\n            \u003cp\u003eImproved reading of 'RAW' messages from network sockets.\u003c/p\u003e\n            \u003cp\u003eAdded payload 'reverse shell' module in python for linux and windows.\u003c/p\u003e\n        \u003c/li\u003e\n    \u003c/ul\u003e\n    \u003ch3\u003e🛠️ Draconus 1.1\u003c/h3\u003e\n    \u003cul\u003e\n        \u003cli\u003e\u003cstrong\u003eNew payload building system:\u003c/strong\u003e Now it's time to come up with something... :)\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eAdded payload module:\u003c/strong\u003e \u003ccode\u003ePS_DeliverObf\u003c/code\u003e - An obfuscated PowerShell payload with configurable options.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eAdded payload module:\u003c/strong\u003e \u003ccode\u003ePyReverse\u003c/code\u003e - A reverse shell written in Python for both Windows and Linux.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eAdded main template:\u003c/strong\u003e \u003ccode\u003eWorm Arkanoid\u003c/code\u003e - Enables the creation of DLL files with PowerShell payloads. Additionally, an EXE file is generated to call the payload function. The DLL libraries can be used in any other code.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eImproved raw message handling from sockets:\u003c/strong\u003e A message buffer was introduced to prevent the screen from being flooded with hundreds of single-character messages. See \u003ccode\u003eCONFIG.INI\u003c/code\u003e for more details.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew functionality:\u003c/strong\u003e Automatically prepares a directory with only the necessary files for the worm to operate. If the worm requires several files, a folder with the worm's name is created, containing only the essential files.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eBug fixes:\u003c/strong\u003e Addressed numerous small and significant issues.\u003c/li\u003e\n    \u003c/ul\u003e\n    \u003ch2\u003e🛠️ Changelog for Version 1.1.1\u003c/h2\u003e\n    \u003cul\u003e\n        \u003cli\u003e\u003cstrong\u003eAdded support for special \"food\" variables:\u003c/strong\u003e These contain predefined data such as shellcodes and various worm-related data.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew worm: \u003ccode\u003eWinShell\u003c/code\u003e (x86)\u003c/strong\u003e - A Windows 32-bit worm designed for testing shellcodes.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew worm: \u003ccode\u003eWinShell64\u003c/code\u003e (x64)\u003c/strong\u003e - A Windows 64-bit worm designed for testing shellcodes.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew worm: \u003ccode\u003eRiverRaid\u003c/code\u003e (x86)\u003c/strong\u003e - Hides shellcode among multiple text variables. \n            Generates both an EXE file and a separate DLL with injection functions, making detection more difficult.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew worm: \u003ccode\u003eBrutePID\u003c/code\u003e (x86)\u003c/strong\u003e - Scans every process PID within a given range and attempts to inject shellcode into one of the processes.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew cross-compiler: \u003ccode\u003eMC_win64\u003c/code\u003e\u003c/strong\u003e - A 64-bit cross-compiler supporting C, C++, and assembler.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eAdded text display customization:\u003c/strong\u003e In \u003ccode\u003eCONFIG.ini\u003c/code\u003e, a new option allows adjusting text display for different screen sizes.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eMore information added to the \"Queen\" console commands.\u003c/strong\u003e\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew DLL building system.\u003c/strong\u003e\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew wrapper: \u003ccode\u003eDropZone\u003c/code\u003e (not fully functional)\u003c/strong\u003e - An experimental \"worm-in-a-worm\" system. \n            It embeds a compiled worm inside a \"wrapper worm\" and attempts to execute it as a separate process. \n            However, it struggles to handle large binary files (several MB). Work is ongoing to resolve this issue.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eAdded several new tools\u003c/strong\u003e to assist in building different types of worms.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eBug fixes:\u003c/strong\u003e Many small fixes, and probably some new bugs as well! 😄\u003c/li\u003e\n    \u003c/ul\u003e\n    \u003ch2\u003e🛠️ Changelog for Version 1.2\u003c/h2\u003e\n    \u003cul\u003e\n        \u003cli\u003e\u003cstrong\u003eNew Worm Constructor\u003c/strong\u003e Completely redesigned the process of building custom worms, improving the creation of new EXE and DLL combinations.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew Single Image CrossComp Compiler\u003c/strong\u003eA single compiler image containing multiple compilers (mingw-x64, mingw-x32, PyInstaller, Nuitka). Older images can be deleted as they will no longer be used.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew Cscript Module Type\u003c/strong\u003eNew scripts for the compilation phase, allowing various descriptions to be added to DLL and EXE files.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew Worm: \u003ccode\u003eBrutePID64\u003c/code\u003e (x64)\u003c/strong\u003e - A test program that attempts to open processes within a specified PID range, inject, and execute shellcode.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew Payload: \u003ccode\u003ePyDllInject\u003c/code\u003e\u003c/strong\u003e - A payload written in Python for DLL injection.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew Payload: \u003ccode\u003ePyExeShell\u003c/code\u003e\u003c/strong\u003e - A payload written in Python for shellcode injection.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew Module: \u003ccode\u003eLodeRunner\u003c/code\u003e\u003c/strong\u003e - A DLL library. Upon import, it starts a thread establishing a TCP connection, downloading a file, and executing it. See the program description for more details.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew Worm: \u003ccode\u003eBruteDLL\u003c/code\u003e\u003c/strong\u003e - Written in assembly. Checks each process within the specified range and attempts to inject a DLL using dynamic function import.\u003c/li\u003e\n    \u003c/ul\u003e\n    \u003ch2\u003e🛠️ Changelog for Version 1.2.1\u003c/h2\u003e\n    \u003cul\u003e\n        \u003cli\u003e\u003cstrong\u003eBuild Worm as Payload\u003c/strong\u003e — A new option allows building a Python-based worm and converting it into a payload instead of compiling it. The payload will appear automatically in the \u003ccode\u003epayload\u003c/code\u003e section of the library. Currently works only with raw Python code (support for compiled payloads is in progress).\u003cbr\u003e\n        Usage: \u003ccode\u003ebuild --payload\u003c/code\u003e or \u003ccode\u003ebuild -p\u003c/code\u003e.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew Module: \u003ccode\u003eSmuggler_DLL\u003c/code\u003e\u003c/strong\u003e — A special library that dynamically imports functions from \u003ccode\u003ekernel32\u003c/code\u003e and other DLLs. It locates the Export Table address in memory, allowing the hiding of imports and dynamic linking without recompilation.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew Module: \u003ccode\u003eSmuggler_Lib\u003c/code\u003e\u003c/strong\u003e — Same functionality as \u003ccode\u003eSmuggler_DLL\u003c/code\u003e, but in the form of a static \u003ccode\u003elib\u003c/code\u003e library instead of a \u003ccode\u003edll\u003c/code\u003e. Designed for manual linking during compilation.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew Worm: \u003ccode\u003ePong\u003c/code\u003e\u003c/strong\u003e — A reverse TCP worm that launches \u003ccode\u003ecmd\u003c/code\u003e by default. All function names are dynamically generated and hidden, making detection very difficult. Compiled as a single-file executable using additional libraries.\u003cbr\u003e\n        ✅ \u003cem\u003eTested on updated Windows 10 (April 2025). Not detected by Windows Defender.\u003c/em\u003e\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew Worm: \u003ccode\u003ePong2\u003c/code\u003e\u003c/strong\u003e — Same as \u003ccode\u003ePong\u003c/code\u003e, but split into two files: an \u003ccode\u003eexe\u003c/code\u003e and a \u003ccode\u003edll\u003c/code\u003e containing the worm logic. This separation allows for alternative execution methods.\u003cbr\u003e\n        ✅ \u003cem\u003eTested on updated Windows 10 (April 2025). Not detected by Windows Defender.\u003c/em\u003e\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew Module: \u003ccode\u003ePayloadStorage\u003c/code\u003e\u003c/strong\u003e — A 64-bit Assembly module for embedding large payloads. Accepts any type of binary data and supports basic obfuscation by altering the hex values of each byte. Payload capacity can be adjusted via a variable.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew Module: \u003ccode\u003eUnLoader\u003c/code\u003e\u003c/strong\u003e — A stealth module that writes files to disk using imports loaded directly from memory, avoiding static references to common APIs.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew Worm: \u003ccode\u003eFalcon\u003c/code\u003e\u003c/strong\u003e — A minimalistic worm written entirely in Assembly. It decodes a payload, writes it to disk, and launches it via \u003ccode\u003eWinExec\u003c/code\u003e or \u003ccode\u003eOpenProcessA\u003c/code\u003e. The execution command can be customized using a special variable. Uses memory-only dynamic imports for stealth.\u003cbr\u003e\n        ✅ \u003cem\u003eTested on updated Windows 10 (April 2025). Not detected by Windows Defender.\u003c/em\u003e\u003c/li\u003e\n    \u003c/ul\u003e\n    \u003ch2\u003e🛠️ Changelog for Version 1.2.2\u003c/h2\u003e\n    \u003cul\u003e\n        \u003cli\u003e\u003cstrong\u003eRemoved Worm: \u003ccode\u003eLittleMolly\u003c/code\u003e\u003c/strong\u003e — The \u003ccode\u003eLittleMolly\u003c/code\u003e worm has been removed and replaced by a new, more advanced version.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eNew Worm: \u003ccode\u003eMontezuma\u003c/code\u003e\u003c/strong\u003e — A Python-based worm that can be customized by adding various modules, including code obfuscators and more. Perfect for building your own payload or compiling into a standalone executable.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eImproved Compatibility\u003c/strong\u003e — Many Python modules have been updated to ensure full compatibility with the new \u003ccode\u003eMontezuma\u003c/code\u003e worm template.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eTCP Module Update\u003c/strong\u003e — The basic TCP communication module can now receive and interpret commands directly within the worm.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eUpdated Module: \u003ccode\u003ePanther\u003c/code\u003e (Ransomware)\u003c/strong\u003e — Improved with support for fast or slow encryption modes and extended file search across the disk. Now more effective and configurable.\u003c/li\u003e\n        \u003cli\u003e\u003cstrong\u003eImproved Module Display\u003c/strong\u003e — The module lists, worm configurations, and variable tables are now displayed using the Python \u003ccode\u003etabulate\u003c/code\u003e library for better formatting and readability.  \n        ⚠️ Please re-run: \u003ccode\u003epip install -r requirements.txt\u003c/code\u003e to update your environment.\u003c/li\u003e\n    \u003c/ul\u003e\n    \u003ch2\u003e🛠️ Changelog for Version 1.2.3\u003c/h2\u003e\n\u003cul\u003e\n    \u003cli\u003e\u003cstrong\u003eNew Commander Launch Option\u003c/strong\u003e — You can now run the control interface directly with the command: \u003ccode\u003epython3 c2.py\u003c/code\u003e.  \n    This new loader will automatically activate the virtual environment, create one if missing, install all required dependencies, and then launch Commander.  \n    Both the old and new launch methods are supported and can be used interchangeably.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eNew Server Type: \u003ccode\u003eb64\u003c/code\u003e\u003c/strong\u003e — A new server type that uses TCP sockets with Base64-encoded communication.  \n    Commands are sent using the standard \u003ccode\u003emsg\u003c/code\u003e instruction. This server type is required for communication with the new \u003ccode\u003eZaxxon\u003c/code\u003e worm.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eNew Worm: \u003ccode\u003eZaxxon\u003c/code\u003e\u003c/strong\u003e — A fully assembly-written worm and the author's first large-scale project in pure ASM.  \n    \u003cul\u003e\n        \u003cli\u003ePolymorphic design: every build produces a different binary with randomized code and values.\u003c/li\u003e\n        \u003cli\u003eUses hidden imports and passes Defender analysis tests.\u003c/li\u003e\n        \u003cli\u003eCommunicates over Base64-encoded TCP socket (requires server type \u003ccode\u003eb64\u003c/code\u003e).\u003c/li\u003e\n        \u003cli\u003eExecutes commands in new threads, allowing continuous communication during task execution.\u003c/li\u003e\n        \u003cli\u003eSupports creation of a secondary socket for file transfer (ideal for \u003ccode\u003esend\u003c/code\u003e server).\u003c/li\u003e\n        \u003cli\u003eCan search directories and steal files matching patterns like \u003ccode\u003e*.jpg\u003c/code\u003e or \u003ccode\u003eaa??.bmp\u003c/code\u003e.\u003c/li\u003e\n        \u003cli\u003eContains space for two separate shellcodes, hidden within large blocks of random text.\u003c/li\u003e\n        \u003cli\u003eIncludes special feature for injecting shellcode in fragments, decoded gradually from hidden text blocks (tested with MSF calc shellcode — undetected and successfully injected).\u003c/li\u003e\n        \u003cli\u003eScans process ranges to find candidates for injection.\u003c/li\u003e\n        \u003cli\u003eIncludes a fun feature to spam the screen with \u003ccode\u003eMessageBox\u003c/code\u003e windows.\u003c/li\u003e\n        \u003cli\u003eAll commands are available after connecting to Draconus. Use the command \u003ccode\u003emsg help\u003c/code\u003e to view supported options.\u003c/li\u003e\n        \u003cli\u003eZaxxon includes customizable parameters: hex names, random text pools for function obfuscation, and more.\u003c/li\u003e\n        \u003cli\u003eHas the ability to clone itself and add entries to Windows autostart. Be cautious when testing!  \n            Check the Windows registry to find where Zaxxon has created its autostart entry.\u003c/li\u003e\n    \u003c/ul\u003e\n    \u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🛠️ Changelog for Version 1.2.4\u003c/h2\u003e\n    \u003cul\u003e\n    \u003cli\u003e\u003cstrong\u003eUpdate readme\u003c/strong\u003e\u003c/li\u003e\n    \u003c/ul\u003e\n\u003ch2\u003e🛠️ Changelog for Version 1.2.42\u003c/h2\u003e\n    \u003cul\u003e\n    \u003cli\u003e\u003cstrong\u003eFixing bugs\u003c/strong\u003e\u003c/li\u003e\n    \u003c/ul\u003e\n\u003ch2\u003e🛠️ Changelog for Version 1.3\u003c/h2\u003e\n\u003cul\u003e\n    \u003cli\u003e\u003cstrong\u003eNew Worm: \u003ccode\u003eWShellcode\u003c/code\u003e\u003c/strong\u003e — A new template for generating Windows x64 shellcode.  \n    This main worm type allows you to create shellcode from predefined templates.  \n    To begin shellcode generation, add \u003ccode\u003eWShellcode\u003c/code\u003e as your base worm with the command:  \n    \u003ccode\u003eadd worm WShellcode\u003c/code\u003e.  \n    Templates are available as a new type of module called \u003ccode\u003escode\u003c/code\u003e.  \n    To list all available shellcode templates, run: \u003ccode\u003eshow scode\u003c/code\u003e.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eNew Module Type: \u003ccode\u003escode\u003c/code\u003e\u003c/strong\u003e — Shellcode templates used to generate working shellcode.  \n    These modules provide different payload behaviors in low-level binary form.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eNew Shellcode Module: \u003ccode\u003eWinExec\u003c/code\u003e\u003c/strong\u003e — A simple test shellcode that uses the \u003ccode\u003eWinExec\u003c/code\u003e function to launch a program (default: \u003ccode\u003ecalc.exe\u003c/code\u003e, can be changed).  \n    Mainly for testing — unless someone gets creative with the commands 😄\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eNew Shellcode Module: \u003ccode\u003eWEPy\u003c/code\u003e\u003c/strong\u003e — A shellcode that uses \u003ccode\u003eOpenProcessA\u003c/code\u003e to spawn Python via \u003ccode\u003ecmd\u003c/code\u003e and inject a script directly.  \n    It includes a slot for a Python-based payload that you can insert manually.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eNew Compiler Option: \u003ccode\u003ebuild --spayload\u003c/code\u003e\u003c/strong\u003e — Builds a shellcode and places it into the payload library.  \n    The generated shellcode can then be used like any other ready-to-use payload in other worms.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eNew Compiler Option: \u003ccode\u003ebuild --food\u003c/code\u003e\u003c/strong\u003e — Builds a shellcode and stores it as a \u003ccode\u003eFOOD\u003c/code\u003e-type variable.  \n    These shellcodes can later be inserted into other worms or modules that accept shellcode as input.\u003c/li\u003e\n    \u003cli\u003e\u003cstrong\u003eBug Fixes\u003c/strong\u003e — Several minor bugs were fixed and improvements made for better overall stability.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e📦 Version 1.3.1 – Update Summary\u003c/h2\u003e\n\u003ch3\u003e🆕 New Modules:\u003c/h3\u003e\n\u003cul\u003e\n  \u003cli\u003e\u003cstrong\u003eNew Shellcode module: \u003ccode\u003eMsgBoxA\u003c/code\u003e\u003c/strong\u003e – New shellcode module. Generates MessageBoxA shellcode with custom text (default: \u003ccode\u003e\"Hello World\"\u003c/code\u003e). The message box appears as an error-type window.\u003c/li\u003e\n  \u003cli\u003e\u003cstrong\u003eNew Worm: \u003ccode\u003eJackRoad\u003c/code\u003e\u003c/strong\u003e – New main worm module written in C++. Designed for shellcode testing. It scans processes within a given PID range, locates a vulnerable process, injects, and executes the shellcode.\u003cbr /\u003e\n    Does not use \u003ccode\u003ewindows.h\u003c/code\u003e; instead, it dynamically imports all functions through a custom library. Displays detailed information about the target process, memory allocation, and more.\u003cbr /\u003e\n    Successfully tested with shellcode generated via Draconus on Windows 10. Injection and execution worked without detection by Windows Defender.\u003cbr /\u003e\n    \u003cem\u003eNote: Not tested with signed shellcode generated via MSFramework.\u003c/em\u003e\n  \u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🔧 Other Changes:\u003c/h3\u003e\n\u003cul\u003e\n  \u003cli\u003eRemoved the outdated \u003cstrong\u003eexample RAT creation\u003c/strong\u003e section from the README.\u003c/li\u003e\n  \u003cli\u003eAdded a link to the new \u003cstrong\u003etutorial section\u003c/strong\u003e, which now includes both written guides and video walkthroughs.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/div\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flittleatarixe%2Fdraconus","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flittleatarixe%2Fdraconus","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flittleatarixe%2Fdraconus/lists"}