ransomwhere

module

v1.2.1 Latest Latest Go to latest Published: May 13, 2024 License: Apache-2.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/hazcod/ransomwhere

Links

Open Source Insights

README ¶

Ransomwhere

A Proof of Concept ransomware sample that encrypts your files to test out your ransomware detection & prevention strategies. If no arguments are provided, ransomwherewill automatically execute the encrypt mode without deleting the original files.

I am not responsible for any damage caused by this software.

Building

# with make and Go installed
% make build

Usage

% ransomwhere -h
Usage of ransomwhere:
  -delete
        Delete files after encrypting.
  -log string
        The log level to use. (default "error")
  -mode string
        Encrypt or decrypt the ransomware files. (default "encrypt")
  -path string
        Path to the directory where to traverse files to ransom. (default "/Users/niels")
  -wipe
        Wipe local snapshots while encrypting.

Examples

# straight from source, encrypt in our home directory
% make FLAGS="-log=warn -delete=false -mode=encrypt"

# from the binary, encrypt /home/ransom/
% ./app -log=warn -delete=false -mode=encrypt -path=/home/ransom/

# encrypt, delete original files and wipe backups like a real ransomware (DANGEROUS)
% ./app -delete=true -wipe=true

# revert the ransom operation and restore any files
% ./app -mode=decrypt

Directories ¶

Path	Synopsis
cmd
pkg
crypto
file
snapshots

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL