Skip to content

jakobfriedl/malware-development

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
Basics/MemoryManagement
Basics/MemoryManagement
 
 
Evasion
Evasion
 
 
Execution
Execution
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Malware Development

Progressing on my malware development journey.

Table of contents

Disclaimer

Caution

This repository exists solely for educational purposes and aims to document my malware development progress. Programs and projects in this repository are to be used for ethical and legal purposes only. I do not condone the use of these programs for any malicious activities.

Execution Techniques

Shellcode Injection

https://github.com/jakobfriedl/malware-development/tree/main/Execution/Shellcode%20Injection

  • UUID obfuscated payload

DLL Injection

https://github.com/jakobfriedl/malware-development/tree/main/Execution/DLL%20Injection

NTAPI Injection

https://github.com/jakobfriedl/malware-development/tree/main/Execution/NTAPI%20Injection

Thread Hijacking

https://github.com/jakobfriedl/malware-development/tree/main/Execution/Thread%20Hijacking

Mapping Injection

https://github.com/jakobfriedl/malware-development/tree/main/Execution/Mapping%20Injection

Function Stomping Injection

https://github.com/jakobfriedl/malware-development/tree/main/Execution/Function%20Stomping

APC Injection

https://github.com/jakobfriedl/malware-development/tree/main/Execution/APC%20Injection

Early Bird (Remote) APC Injection

https://github.com/jakobfriedl/malware-development/tree/main/Execution/Early%20Bird%20APC%20Injection

Direct Syscalls

Classic Injection

https://github.com/jakobfriedl/malware-development/tree/main/Execution/Direct%20Syscalls/Classic%20Injection

  • Custom SSN retrieval
  • API Hashing

Mapping Injection

https://github.com/jakobfriedl/malware-development/tree/main/Execution/Direct%20Syscalls/Mapping%20Injection

  • SysWhispers3

APC injection

https://github.com/jakobfriedl/malware-development/tree/main/Execution/Direct%20Syscalls/APC%20Injection

Early Bird (Remote) APC Injection

https://github.com/jakobfriedl/malware-development/tree/main/Execution/Direct%20Syscalls/Early%20Bird%20APC%20Injection

  • Hell's Gate

Indirect Syscalls

APC Injection

https://github.com/jakobfriedl/malware-development/tree/main/Execution/Indirect%20Syscalls/APC%20Injection

  • HellsHall

Evasion Techniques

PPID Spoofing

https://github.com/jakobfriedl/malware-development/tree/main/Evasion/PPID%20Spoofing

Process Argument Spoofing

https://github.com/jakobfriedl/malware-development/tree/main/Evasion/Process%20Argument%20Spoofing

API Hashing

https://github.com/jakobfriedl/malware-development/tree/main/Evasion/API%20Hashing

Self-Deletion

https://github.com/jakobfriedl/malware-development/tree/main/Evasion/Self%20Deletion

About

Progressing on my malware development journey.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

3 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages