[catsma21]

the article details how github is spammed by multiple people who read one guide. not every single one of the 1000 repos is THE SAME breed of malware. some overlap, maybe. but some is c#, some is rust, some is python. out of those that are python, some are obfuscated with this love/trust/joy obfuscator, some use pyarmor, some are compiled with nuitka. no, the guide does not instruct you which malware strain to use, only how to game github for traffic.

if it was that simple it would be a solved problem. i encourage you to give it a shot

[Aurornis]

> not every single one of the 1000 repos is THE SAME breed of malware. some overlap, maybe. but some is c#, some is rust, some is python

No, the article is specifically about 1115 malware repos built from the same template

This is taken from the intro of the article:

> Wrote a script that helped me find 1115 repositories built based on the instructions from the guide.

I don’t know what you think you’re talking about, but you’re not talking about the article that I’m talking about.

The template repo is here: https://github.com/Jalynn0922/steal-cook

It contains the main.py script that the article is talking about.

[catsma21]

NOT the same malware template. article only details how "This first repo I found" works, not all of them. look at how his github searching script works in "Scraping Github" - there is no way to determine what malware is in the repo, only that it is doing keyword stuffing.