#Malware-development
Showing 60 of 67 repositories tagged #malware-development, ranked by stars
A self-hosted sandbox for red teams to test payloads against modern detection before deployment. MCP integration lets an LLM agent drive analysis end to end.
Loading Remote AES Encrypted PE in memory , Decrypted it and run it
Shellcode encryptor & obfuscator tool
Golang malware development library
Reverse Engineering and Malware Analysis Roadmap
BYOVD research use cases featuring vulnerable driver discovery and reverse engineering methodology. (CVE-2025-52915, CVE-2025-1055, CVE-2026-3609, CVE-2026-8501).
A Linux Ransomware
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
fireELF - Fileless Linux Malware Framework
𦫠| GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educational purpoeses only.
A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.
A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.
Leaked Linux.Mirai Source Code for Research/IoC Development Purposes
AppLocker-Based EDR Neutralization
Red Team engagement platform with the goal of unifying offensive tools behind a simple UI
Small collection of Ransomware organized by family.
15-stage Windows malware development & analysis course in Rust. Red team builds it, blue team detects it. All 15 binaries achieved 0/76 on VirusTotal.
A technique of hiding malicious shellcode via Shannon encoding.
This repository contains various snippets I use in my malware, command and control servers, payloads, and much more. Hopefully it can help you out in building your own malware and payloads :D
RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging
Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in this exciting journey and add your expertise to our collective efforts. By contributing, youβll help strengthen the project and push the boundaries of what we can achieve together.
Personal research and publication on malware families
LummaC2 extracted binaries by reversing & LummaC2 Stealer Analysis
Some useful books related to Cybersecurity, Linux and more.
My projects to understand malware development and detection. Use responsibly. I'm not responsible if you cause unauthorised damage to anyone's system.
Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis
Created a VERY SIMPLE remote access Trojan that will establish administrative control over any windows machine it compromises.
My new malware database, the old one is now archived and all my new malwares will be uploaded here instead. As always, this is made for educational purposes only, I'm not responsible for any damages
Δ°Γ§erisinde 100'den fazla modΓΌl ve ΓΆzelliΔi barΔ±ndΔ±ran Γ§ok amaΓ§lΔ± bir siber gΓΌvenlik aracΔ±.
Malware-Detection-System-Using-Deep-Learning-Project. Project Includes PPT. Code, Explanation Video and Documents
A collection of techniques commonly used in malware to accomplish core tasks.
Collection of red team techniques.
A lightweight Command and Control (C2) framework built for offensive security research and red teaming (Post Exploitation).
A collection of Malware Analysis software, materials, libraries, documents, books, resources about malware analysis in Cybersecurity.
A beginner-friendly collection of Rust notes focused on Red Team Tooling β’ Malware Development β’ Systems Programming β’ Rust Fundamentals
takes shellcode bad-bytes and banishes them, returning cleaned shellcode with preserved functionalities
This is a collection of RATs for educational purposes
Adaptix C2 service plugin that drives LitterBox payload analysis from the operator UI.
Dimorf is a ransomware using 256-bit AES with a self-destructing, randomly generated key for Linux OSΒ΄s
An ongoing & curated collection of awesome software best practices and remediation techniques, libraries and frameworks, E-books and videos, Technical guidelines and important resources about Threat Detection & Hunting.
This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
PoC showcasing new DarkGate Install Script retrieval technique via DNS TXT Record
Malware and malicious applications database
A book covering the whole spectrum of Malware
Linux Kernel Rookit Hooking Mechanism
Author of Project Adrishya a rootkit which use ftrace mechanism to hook syscall; (write this because God commanded me); work for both x86_64 and arm; CREDIT-(Oleksii Lozovskyi{ilammy})FOUNDER OF FTRACE HOOKING
Collection of malware analysis, binary exploitation and reverse engineering related resources
π¦ RUSTVERSARY: A comprehensive repository of tools and scripts for malware development practices.
Pipeline for creating shellcode from a nostd rust project.
This exploit use PEB walk technique to resolve API calls dynamically, obfuscate all API calls to perform process injection.
FlipperZero - Mix of random flipper zero ducky scripts
Pathbyter is a lightning fast proof-of-concept ransomware that uses RSA wrapped AES, multiprocessing, in memory key encryption, appends encrypted AES keys to files, and other tactics utilized by advanced threat actors like Conti, REvil, WannaCry, Ryuk, Lockbit, etc.
Your eyes on the target - SPY
This is a collection of stealers for educational purposes
An opensource Prank Startup Malware for windows developed using C Programming Language.
A complete hands-on reference of 46 Windows persistence techniques used by real-world APT groups. Each technique includes MITRE ATT&CK TTP mapping, known threat actor attribution, attack commands, verification steps, and cleanup β organized from No-Admin to Admin level. Built for red teamers, malware analysts, and cybersecurity learners.
A FullC2 Framework TUI + Web UI That Focuses On Network Stressing
Multi-layered malware detection system using static analysis, dynamic browser automation, and external APIs for accurate website threat identification. Project Code, Documents and Video Implementation
A malware development library written in rust.
An advanced Windows shell code loader and generator toolset featuring XOR encryption, debug protection, and GUI capabilities for penetration testing.