# jgamblin/mirai-source-code **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/jgamblin-mirai-source-code).** 9,363 stars · 3,519 forks · C · GPL-3.0 ## Links - GitHub: https://github.com/jgamblin/Mirai-Source-Code - awesome-repositories: https://awesome-repositories.com/repository/jgamblin-mirai-source-code.md ## Description This repository contains the source code for a C-based network botnet designed to compromise Internet of Things devices. It serves as a functional implementation of malware used for security research, behavioral analysis, and the development of threat detection signatures. The project includes a command and control server architecture that manages infected devices via a custom binary protocol and TCP-based command distribution. It employs a cross-compilation toolchain to build and deliver architecture-specific binary payloads across multiple hardware platforms. The codebase covers capabilities for credential-based brute forcing to spread across network ports and multi-platform target mapping. It provides a dataset for studying malware propagation patterns, simulating network communications, and creating intrusion detection rules based on the botnet's internal logic. ## Tags ### Part of an Awesome List - [C2 Command Protocols](https://awesome-repositories.com/f/awesome-lists/devops/c2-infrastructure/c2-listener-servers/c2-command-protocols.md) — Provides a central controller architecture that manages infected devices via a custom binary protocol and TCP distribution. - [Malware Datasets](https://awesome-repositories.com/f/awesome-lists/data/malware-datasets.md) — Serves as a codebase for security researchers to analyze botnet C2 protocols and develop indicators of compromise. - [Intrusion Detection Signatures](https://awesome-repositories.com/f/awesome-lists/security/intrusion-detection-signatures.md) — Provides a basis for creating network rules and antivirus signatures based on actual botnet logic. ### Development Tools & Productivity - [Cross-Compilation Toolchains](https://awesome-repositories.com/f/development-tools-productivity/cross-compilation-toolchains.md) — Utilizes a cross-compilation toolchain to build executable payloads for multiple different IoT hardware architectures. ### Networking & Communication - [Encrypted TCP Command Channels](https://awesome-repositories.com/f/networking-communication/tcp-connection-lifecycles/tcp-client-connections/tcp-connectivity-probes/encrypted-tcp-command-channels.md) — Uses persistent TCP socket connections to distribute commands for real-time remote execution across a botnet. - [Botnet Protocol Simulations](https://awesome-repositories.com/f/networking-communication/botnet-protocol-simulations.md) — Enables deploying controllers and loaders in isolated networks to analyze the protocols used between bots and servers. - [Network Architecture Simulations](https://awesome-repositories.com/f/networking-communication/network-architecture-simulations.md) — Provides an environment to simulate the interactions and communications between bot controllers and infected clients. ([source](https://github.com/jgamblin/mirai-source-code#readme)) ### Operating Systems & Systems Programming - [C-Based Botnets](https://awesome-repositories.com/f/operating-systems-systems-programming/c-based-botnets.md) — Implements a network-based botnet written in C that targets multiple hardware architectures and embedded devices. ### Security & Cryptography - [IoT Malware Implementations](https://awesome-repositories.com/f/security-cryptography/iot-malware-implementations.md) — Provides a functional implementation of malware designed to compromise IoT devices via telnet brute-forcing. - [Mirai-Based Botnets](https://awesome-repositories.com/f/security-cryptography/mirai-based-botnets.md) — Provides the original source code for a Mirai-based botnet used for creating threat detection signatures. - [Multi-Stage Payload Delivery](https://awesome-repositories.com/f/security-cryptography/multi-stage-payload-delivery.md) — Implements a multi-stage delivery chain using droppers and stagers to deploy architecture-specific binaries to IoT devices. - [Credential Brute-Forcing](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing/credential-brute-forcing.md) — Spreads across network ports by attempting to authenticate using a predefined list of common default credentials. - [Detection Signature Development](https://awesome-repositories.com/f/security-cryptography/detection-signature-development.md) — Implements logic that can be used to develop antivirus signatures and intrusion detection rules. ([source](https://github.com/jgamblin/mirai-source-code#readme)) - [IoT Security Analysis Tools](https://awesome-repositories.com/f/security-cryptography/hardware-security/iot-security-analysis-tools.md) — Facilitates security research on IoT devices by testing compatibility and vulnerabilities using architecture-specific binaries. - [Malware Analysis](https://awesome-repositories.com/f/security-cryptography/malware-analysis.md) — Allows researchers to study how botnets propagate through weak credentials and how remote servers manage infected devices. ### DevOps & Infrastructure - [Architecture Mapping](https://awesome-repositories.com/f/devops-infrastructure/multi-architecture-hardware-targeting/architecture-mapping.md) — Identifies and targets specific device architectures to ensure the correct binary payload is delivered to matching hardware.