- Remove references to deleted stub directory
- Add patterns for build artifacts, binaries, and malware files
- Include common IDE and temporary file patterns
- Implement AES-128-CBC encryption with SHA256 key derivation
- Add Linux SO injector with dlopen + function calling
- Add Windows DLL injector with NT API + APC queuing
- Create automated build script (build_injectors.sh)
- Generate single encrypted_payload.bin files per platform
- Embed real malware payloads (libphotoshop.dll/so)
- Update documentation and clean up repository
- Linux injector tested with real XMRig mining (700%+ CPU usage)
- Windows injector ready for compilation and testing

Security features:
- AES-128-CBC with random IVs and PKCS7 padding
- SHA256(password + salt) key derivation
- Cross-platform isolation (no code leakage)
- Single encrypted file format per platform
- Embedded payloads with no external dependencies
- Implement conditional compilation for platform-specific dependencies
- Add Linux persistence via cron jobs as alternative to Windows registry
- Create cross-platform fileless execution (memexec for Windows, temp file + exec for Linux)
- Support platform-specific paths and file hiding mechanisms
- Maintain full Windows compatibility while adding Linux support