https://github.com/cookiengineer/miasma-sample
:test_tube: Miasma sample for safe testing
https://github.com/cookiengineer/miasma-sample
Last synced: 4 days ago
JSON representation
:test_tube: Miasma sample for safe testing
- Host: GitHub
- URL: https://github.com/cookiengineer/miasma-sample
- Owner: cookiengineer
- Created: 2026-06-08T10:08:37.000Z (about 1 month ago)
- Default Branch: master
- Last Pushed: 2026-06-19T13:13:45.000Z (25 days ago)
- Last Synced: 2026-06-19T15:16:35.743Z (24 days ago)
- Language: Shell
- Size: 5.86 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Miasma Sample
This repository contains safe samples of the Miasma worm. These samples
don't contain the dropper payload itself and are used actively for
testing in SIEM/SOAR environments.
As it does not contain an actual worm implant, the `.github/setup.js`
and `_index.js` files have been replaced with an empty file that do
nothing and contain only a comment.
Because the Miasma worm campaigns are an actively evolving threat,
relevant changes to the campaigns are stored in different subfolders,
showing how exactly the implant dropper mechanisms change over time.
- [01-blight-campaign](./01-blight-campaign) "Miasma" campaign sample, targeting Node.js (NPM) and AI-assisted IDEs
- [02-hades-campaign](./02-hades-campaign) "Hades" campaign sample, targeting Python (PyPi)
- [03-hades-campaign](./03-hades-campaign) "Hades" campaign sample, targeting PHP (Composer)
- [04-atomic-campaign](./04-atomic-campaign) "Atomic Arch" campaign sample, targeting AUR and Pacman
This repository is used as a true positive test case for the
[antimiasma](https://github.com/cookiengineer/antimiasma.git) tool.
### License
AGPL-3.0