A bot is the malware itself; it usually polls a server (the C2, command and control) for the commands and instructions it should carry out next. The bot usually wants persistence on the system via scheduled tasks, registry key edits, WMI event subscriptions, etc., so that it survives reboots and keeps a connection to the C2 open for as long as possible. C2 servers usually run over HTTPS, HTTP or DNS.
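Seen from the network side, that polling loop is the bot's most visible habit: the same host talks to the same destination at a near-constant interval. The script below is an added example (not code from the original page) that flags such pairs in proxy logs by measuring how regular the gaps between requests are. The log lines, the hosts and the thresholds are constructed for illustration.

```python
"""Flag hosts that poll one destination at a near-constant interval,
which is what a simple C2 check-in loop looks like in proxy logs."""
import statistics
from collections import defaultdict
from datetime import datetime
from urllib.parse import urlparse

# Constructed sample proxy log (not real traffic): 10.0.0.5 checks in with
# one host roughly every 60 seconds; 10.0.0.7 browses a site irregularly.
SAMPLE_LOG = """\
2024-05-01T10:00:00 10.0.0.5 GET https://updates.example.net/check 200
2024-05-01T10:01:01 10.0.0.5 GET https://updates.example.net/check 200
2024-05-01T10:02:00 10.0.0.5 GET https://updates.example.net/check 200
2024-05-01T10:03:02 10.0.0.5 GET https://updates.example.net/check 200
2024-05-01T10:04:00 10.0.0.5 GET https://updates.example.net/check 200
2024-05-01T10:04:59 10.0.0.5 GET https://updates.example.net/check 200
2024-05-01T10:00:10 10.0.0.7 GET https://news.example.org/ 200
2024-05-01T10:00:14 10.0.0.7 GET https://news.example.org/article/1 200
2024-05-01T10:07:40 10.0.0.7 GET https://news.example.org/article/2 200
2024-05-01T10:08:02 10.0.0.7 GET https://news.example.org/ 200
2024-05-01T10:31:55 10.0.0.7 GET https://news.example.org/article/3 200
"""


def parse_log(text):
    """Parse 'timestamp src method url status' lines into (ts, src, dst_host)."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, _method, url, _status = line.split()
        events.append((datetime.fromisoformat(ts), src, urlparse(url).hostname))
    return events


def inter_arrival_seconds(timestamps):
    """Gaps between consecutive requests, in seconds, oldest first."""
    ordered = sorted(timestamps)
    return [(b - a).total_seconds() for a, b in zip(ordered, ordered[1:])]


def beacon_score(deltas):
    """Mean gap and coefficient of variation (stdev / mean).
    A CV close to 0 means a fixed sleep between requests."""
    mean = statistics.mean(deltas)
    cv = statistics.stdev(deltas) / mean if mean > 0 else float("inf")
    return mean, cv


def find_beacons(text, min_requests=4, max_cv=0.2):
    """Return (src, dst) pairs whose request timing is regular enough to
    look like a polling loop. The thresholds are hypothetical starting
    points, not tuned values."""
    by_pair = defaultdict(list)
    for ts, src, dst in parse_log(text):
        by_pair[(src, dst)].append(ts)
    hits = []
    for (src, dst), stamps in sorted(by_pair.items()):
        if len(stamps) < min_requests:  # too few samples to judge regularity
            continue
        mean, cv = beacon_score(inter_arrival_seconds(stamps))
        if cv <= max_cv:
            hits.append({"src": src, "dst": dst, "count": len(stamps),
                         "mean_interval": mean, "cv": cv})
    return hits


if __name__ == "__main__":
    for hit in find_beacons(SAMPLE_LOG):
        print(f"{hit['src']} -> {hit['dst']}: {hit['count']} requests, "
              f"~{hit['mean_interval']:.0f}s apart, cv={hit['cv']:.3f}")
```

On the sample, only 10.0.0.5 is reported (about 60 s apart, CV well under 0.05). The caveat a hunter would want: a bot that randomises its sleep, say by plus or minus 50 percent, pushes the CV above this threshold, so in practice the timing score is combined with request count, uniform URI and response sizes, and, for DNS-based C2, the same regularity measured on query names rather than HTTP requests.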
All of this is pretty simple: the bot itself looks completely harmless until it gets the real instructions from its C2, whether that is dropping or loading ransomware, launching DDoS attacks, crypto mining, etc.
- programming language to use for your bot
- packages and modules: net, http, Windows API wrapper libraries in your chosen language, etc. These let your bot actually communicate with your C2 and perform other modular tasks on a system.
How do we spread it?
We have the dev stack, but we still need users to spread our bot to. This is ALWAYS complex: patient zero is usually the most complicated stage of a botnet. Once the botnet has grown large it is easy, but when you're starting out? Not really...
But there are some options here:
- e-mail spam: scrape some initial targets to spam
- exploits (SMBGhost, BlueKeep, EternalBlue) or brute force (via SSH or telnet, if Linux platforms are your target)
- trojanized/pirated software (the easiest, but riskiest, way beyond spam)