Malicious Software Research

This is a repository dedicated to researching, documenting, developing,
and ultimately, defending against various strains of malicious software.

Environment (Requires Docker)

git clone https://github.com/0xvpr/Malicious-Software-Research
cd Malicious-Software-Research
chmod +x build-image.sh run-image.sh
./build-image.sh
./run-image.sh

Navigation

Code Examples

1. Storage Techniques
2. Injection Techniques
3. Obfuscation Techniques
4. Evasion
5. Ransomware
6. Living Off The Land
7. Socket
8. Keyloggers
9. Droppers
10. Hooking Techniques

Learning Resources

Code Examples

1. Storage Techniques

• Data
• Text
• Rsc

2. Injection Techniques

• Crt

3. Obfuscation Techniques

• Aes
• Xor
• Simple Template Metaprogramming
• Intermediate Template Metaprogramming

4. Evasion

• Anti Dynamic Analysis Techniques

5. Ransomware

• Simple Recursive Encryptor

6. Living Off The Land
7. Socket

• Linux Server
• Python C2 Server

8. Keyloggers

• Simple Keylogger

9. Droppers

• Simple Dropper
• Intermediate Dropper

10. Hooking Techniques

• Absolute Jmp Detour
• Absolute Jmp Detour Once
• Relative Jmp Detour

Learning Resources

• Reversing C++ Classes and Structures
  • Paul Vincent Sabanal & Mark Vincent Yason
• Reflective DLL Injection
  • MSF Explanation
• Executing Position Independent Shellcode from Object Files in Memory
  • Dark VortEx
• Shellcode Crafting
  • fb1h2s
• Getting Familiar with Sockets
  • ActiveXSploit
• Anti Dynamic Analysis & Sandboxes
  • 0xPat
• Anti Debugging
  • 0xPat
• Anti Static Analysis Tricks
  • 0xPat