Skip to content

jcapellman/METL

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

63 Commits
METL.InjectorSamples.PE32
METL.InjectorSamples.PE32
 
 
METL.Tests
METL.Tests
 
 
METL
METL
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
METL.sln
METL.sln
 
 
README.md
README.md
 
 

Repository files navigation

MET&L

Malware Embedding Tool & Library

About

The purpose of this library is to provide a quick and easy way to test various methods of malware injection.

Usage

Appending

Similar to what was performed by Malware Researchers back in 2019 appending benign bytes to a malicious file to circumvent both signature and next generation endpoint protection products.

Two methods are available:

Append from a file path

AppendBytesFromFile(byte[] source, string embedFileName)

Append from bytes

AppendBytesFromBytes(byte[] source, byte[] embedBytes)

Injection

A more advanced method is to convert the bytes to a base64 encoded string and then decrypt the string on execution.

Four methods are available:

Inject with a template (PE32 is the only template as of this writing) and malicious file

InjectMalwareFromTemplate(BuiltInTemplates template, string malwareFileName)

Inject from a template file and malicious file

InjectMalwareFromTemplate(string templateName, string malwareFileName)

Inject from a source file and malicious file

InjectMalwareFromFile(string sourceFileName, string malwareFileName)

Inject from a source file and arguments

InjectMalwareFromFile(string sourceFileName, Dictionary arguments)

About

Malware Embedding Tool Library

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

 
 
 

Languages