🚀 Hosted at: ESTIN Béjaïa
🛡 Organized by: Nexus Security Club
Malware Development (MalDev) focuses on understanding modern detection mechanisms and exploring evasion techniques. This session will provide a hands-on approach to bypassing Antivirus (AV) & Endpoint Detection & Response (EDR) solutions.
To follow along, ensure you have:
- Windows OS (for testing & analysis)
- Visual Studio (for compiling the malware)
- C/C++ Development Tools
- Process Explorer & Process Hacker (for debugging & analysis)
- A safe test environment (e.g., Virtual Machine, isolated system)
- Metasploit (msfvenom) for generating shellcodes
📌 Important:
👉 You must replace the provided shellcodes with your own generated shellcodes before execution.
- ✅ Empty Malware – Testing basic detection on VirusTotal
- ✅ Simple Shellcode Execution – Using `msfvenom` to generate payloads
- ✅ x86 Shellcode Execution – Understanding architecture-specific payloads
- ✅ Code Signing – Making malware appear legitimate
- ✅ XOR Shellcode Execution – Encrypting payloads to evade signature-based detection
- 🔍 Anti-Debugging Techniques – Detecting and preventing analysis
- 🔍 Detecting VirusTotal Sandbox Environments – Identifying when running in a sandbox
This repository is for educational and research purposes only. The goal is to understand malware techniques to improve defensive strategies. Misuse of this knowledge is strictly prohibited.
If you have suggestions or improvements, feel free to submit an issue or pull request!
- https://gist.github.com/maxzxc0110/707faca720d557e8b9554341e48c532c
- https://klezvirus.github.io
- https://www.youtube.com/watch?v=P1PHRcmPM7c
- https://maldevacademy.com/
Research papers
📢 Stay tuned for more security research from Nexus Security Club! 🚀