Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/0xvpr/malicious-software-research

A repository dedicated to researching, documenting, developing, and ultimately, defending against various strains of malicious software.
https://github.com/0xvpr/malicious-software-research

c2 evasion injection keylogger living-off-the-land obfuscation ransomware research server shellcode socket

Last synced: 5 months ago
JSON representation

A repository dedicated to researching, documenting, developing, and ultimately, defending against various strains of malicious software.

Awesome Lists containing this project

README 

          
Malicious Software Research




  

    

  

  


  
A repository dedicated to researching, analyzing, documenting,

and ultimately, defending against various strains of malicious software and their behaviors.


  



## Table of Contents

- [Environment](#environment)

- [Code Examples](#code-examples)

    01. [Shellcode Crafting](#shellcode-crafting)

    02. [Storage Techniques](#storage-techniques)

    03. [Injection Techniques](#injection-techniques)

    04. [Obfuscation Techniques](#obfuscation-techniques)

    05. [Ransomware](#ransomware)

    06. [Evasion](#evasion)

    07. [Living Off The Land](#living-off-the-land)

    08. [Socket](#socket)

    09. [Keyloggers](#keyloggers)

    10. [Droppers](#droppers)

    11. [Hooking Techniques](#hooking-techniques)

- [Credits & Learning Resources](#credits--learning-resources)

- [Disclaimer](#disclaimer)

- [License](#license)



---



### Environment

```bash

git clone https://github.com/0xvpr/Malicious-Software-Research

cd Malicious-Software-Research

chmod +x build-image.sh run-image.sh

./build-image.sh

./run-image.sh

```



---



### Code Examples

01. Shellcode Crafting

    - Independent Shellcode

    - Adv Independent Shellcode

    - Pure Assembly Syscall

02. Storage Techniques

    - Data

    - Text

    - Rsc

03. Injection Techniques

    - Crt

04. Obfuscation Techniques

    - Simple Template Metaprogramming

    - Intermediate Template Metaprogramming

    - Advanced Template Metaprogramming

    - Xor

05. Ransomware

    - Simple Recursive Encryptor

06. Evasion

    - Anti Dynamic Analysis Techniques

07. Living Off The Land

08. Socket

    - Linux Server

    - Python C2 Server

09. Keyloggers

    - Simple Keylogger

10. Droppers

    - Simple Dropper

    - Intermediate Dropper

11. Hooking Techniques

    - Absolute Jmp Detour

    - Absolute Jmp Detour Once

    - Relative Jmp Detour



### Credits & Learning Resources

- Reversing C++ Classes and Structures

  - Paul Vincent Sabanal & Mark Vincent Yason

- Reflective DLL Injection  

  - MSF Explanation  

- Executing Position Independent Shellcode from Object Files in Memory

  - Dark VortEx  

- Shellcode Crafting  

  - fb1h2s

- Getting Familiar with Sockets

  - ActiveXSploit

- Anti Dynamic Analysis & Sandboxes

  - 0xPat

- Anti Debugging

  - 0xPat

- Anti Static Analysis Tricks

  - 0xPat

### Disclaimer

- Educational Use Only: All examples and code herein are for educational and research purposes only.

- No Warranty: The repository is provided “as is”, without warranty of any kind, express or implied.

- Legal Responsibility: You are solely responsible for ensuring that your use of these materials complies with all applicable laws and regulations.



If you have any doubts regarding the legality or ethics of using these examples, do not proceed.



### License

This repository is released under the MIT License. In short:

- You are free to use, modify, and distribute this code for personal or commercial purposes.

- Please include credit where credit is due.

- The authors/contributors are not liable for any misuse or damage caused by this code.