Malware-Training is a collection of Win32 API and malicious-functionality projects designed specifically for red teamers and offensive security operations. This repository provides various techniques essential for penetration testing, defense evasion (AV/EDR) and general techniques to aid you in malware development.
This repository is going to specifically focus on offensive security with a focus on topics such as Code Execution, Code & Process injection, Defense Evasion, Privilege Escalation, Persistence and minimal Exfiltration.
The difficulty, complexity and effectiveness of the techniques in this repository vary. This means, for example, that certain sophisticated code injectors may prove more effective at bypassing detection engines than others.
A crypter of any sort is like a vehicle and the malware/shellcode is the passenger. Even if you're driving around in a Mercedes - if the passenger is shooting everywhere like a madman, you will be caught.
Important
I am going to try my best to explain the logic and the prerequisite lab research as to why certain defense evasion techniques work. Another important thing to note is that none of these projects are entirely mine. Some of these techniques have been around for a long while and their core logic remains intact even in versions of the technique that have been tampered with. The techniques in this repository have been rebuilt and have had certain functions added to them (by myself) so as to suit my needs and give you guys an easier time understanding them.
Warning
I am not responsible for whatever you do with the techniques included in this repository. Either way, the purpose of this malicious functionality is not to hand you a properly built loader with FUD traits; rather, its purpose is to educate.
Familiarize yourself with C, C++, and a little PowerShell and Assembly.
If you have trouble understanding this repo or how to use it properly, please contact me on my socials, which you can find at the end of this readme.md. I am available on most platforms, but I prefer TG as my go-to means of communication.
Note
One last thing before I cut to the chase: in some of the files I am going to include header files pulled from VX-API - https://github.com/vxunderground/VX-API/ , namely win32helper.h, internal.h and functiondeclaration.h.
These header files define and declare functions, macros, internal definitions and constants so that the code is more readable and reusable.