Performs Encryption and Decryption of Files with Pub/Private Key on Windows and placed an randomized Ransomnote. The Program tries to mimic an more advanced Ransomware-Attack. Goal is to develop better Detection mechanism for Detecting the File Encryption Process.
Most Ransomware is easly to Detect and most Ransomware Detection Methods are relying on the following:
- File - Extension
- File Header (First Bytes)
- Ransomware Notes
- Encryption Speed
This Project tries to level this up.
- Randomizes Ransom Note Creation (Random Image Generation)
- Slows down the Encryption Process (Try to look like normal User behaviour)
- Uses Valid File Headers (File Headers of Common File Types)
- Uses Valid File Extensions (Common File Extensions)
- Uses Private/Public Key Crypto
Usage to Encrypt Files:
./FileShredderv1.exeSupply Path to the Folder to Encrypt in the Console and Confirm.
Usage to decrypt Files:
./FileShredderv1-Decrypter.exeSupply Path with the Encrypted Files in the Console and Confirm.
To Supply an own Pub/PrivKey change the "private const string publicKey" and "private const string privateKey" in the Source.
.Net Runtime 4.0
disintegr8te
Pull requests are welcome. Please open an issue first to discuss what you would like to change. Please make sure to update tests as appropriate.