MalDev

Malware Development

LogoThe Indoctrination | Malcore Malware Bible

Introduction to C

LogoIntroduction to C | Malcore Malware Bible

Windows API

LogoMalAPI.io
NTAPI Undocumented Functions
LogoProgramming reference for the Win32 API - Win32 appsdocsmsft
LogoWindows API index - Win32 appsdocsmsft
LogoGitHub - 7etsuo/windows-api-function-cheatsheets: A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking operations, and registry operations.GitHub

Syscalls

Trampolines

Avoiding direct syscall instructions by using trampolines
LogoGitHub - eversinc33/BouncyGate: Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL.DLL (as in RecycledGate).GitHub
LogoGitHub - Maldev-Academy/HellHall: Performing Indirect Clean SyscallsGitHub

Shellcode

LogoIntroduction to Shellcode | Malcore Malware Bible

Web-based Payload Staging

LogoGitHub - ytincodenito/PayloadStagingGitHub

DLL Hijacking / DLL Sideloading

DLL Hijacking
Logor-tec Blog | DLL Sideloadinglsecqt

DLL Proxying

LogoDLL Hijacking - A New Spin on Proxying your Shellcode - Black Hills Information SecurityBlack Hills Information Security
LogoGitHub - Tylous/FaceDancer: FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadingGitHub

Reduce entropy and obfuscate

LogoGitHub - Maldev-Academy/EntropyReducer: Reduce Entropy And Obfuscate Youre Payload With Serialized Linked ListsGitHub

Workshop

LogoGitHub - chvancooten/maldev-for-dummies: A workshop about Malware DevelopmentGitHub
LogoGitHub - chr0n1k/AH2021Workshop: Malware development for red teaming workshopGitHub
LogoGitHub - cr-0w/maldev: ⚠️ malware developmentGitHub
LogoGitHub - Whitecat18/Rust-for-Malware-Development: This repository contains my complete resources and coding practices for malware development using Rust 🦀.GitHub

Resources

LogoGetting Started With Malware DevelopmentCrow's Nest
LogoAwesome-Cybersecurity-Handbooks/handbooks/malware_development.md at main · 0xsyr0/Awesome-Cybersecurity-HandbooksGitHub

Videos

LogocrowYouTube
LogoLsecqtYouTube

Interesting Books

Interesting Books

Disclaimer: As an Amazon Associate, I earn from qualifying purchases. This helps support this GitBook project at no extra cost to you.

  • Malware Development for Ethical Hackers Packed with real-world examples, this book simplifies cybersecurity, delves into malware development, and serves as a must-read for advanced ethical hackers

  • Evading EDR: The Definitive Guide to Defeating Endpoint Detection Systems The author uses his years of experience as a red team operator to investigate each of the most common sensor components, discussing their purpose, explaining their implementation, and showing the ways they collect various data points from the Microsoft operating system. In addition to covering the theory behind designing an effective EDR, each chapter also reveals documented evasion strategies for bypassing EDRs that red teamers can use in their engagements.

Support this Gitbook

I hope it helps you as much as it has helped me. If you can support me in any way, I would deeply appreciate it.

PreviousShellcode LoaderNextMalware Testing Lab

Last updated