TeamCyberHawkz/awesome-malware-development
GitHub: TeamCyberHawkz/awesome-malware-development
A comprehensive resource library for security researchers covering malware analysis, reverse engineering and development techniques, intended to help security practitioners understand attack techniques in order to strengthen their defenses.
Stars: 0 | Forks: 0
```
█████╗ ██╗ ██╗███████╗███████╗ ██████╗ ███╗ ███╗███████╗
██╔══██╗██║ ██║██╔════╝██╔════╝██╔═══██╗████╗ ████║██╔════╝
███████║██║ █╗ ██║█████╗ ███████╗██║ ██║██╔████╔██║█████╗
██╔══██║██║███╗██║██╔══╝ ╚════██║██║ ██║██║╚██╔╝██║██╔══╝
██║ ██║╚███╔███╔╝███████╗███████║╚██████╔╝██║ ╚═╝ ██║███████╗
╚═╝ ╚═╝ ╚══╝╚══╝ ╚══════╝╚══════╝ ╚═════╝ ╚═╝ ╚═╝╚══════╝
███╗ ███╗ █████╗ ██╗ ██╗ ██╗ █████╗ ██████╗ ███████╗
████╗ ████║██╔══██╗██║ ██║ ██║██╔══██╗██╔══██╗██╔════╝
██╔████╔██║███████║██║ ██║ █╗ ██║███████║██████╔╝█████╗
██║╚██╔╝██║██╔══██║██║ ██║███╗██║██╔══██║██╔══██╗██╔══╝
██║ ╚═╝ ██║██║ ██║███████╗╚███╔███╔╝██║ ██║██║ ██║███████╗
╚═╝ ╚═╝╚═╝ ╚═╝╚══════╝ ╚══╝╚══╝ ╚═╝ ╚═╝╚═╝ ╚═╝╚══════╝
██████╗ ███████╗██╗ ██╗███████╗██╗ ██████╗ ██████╗ ███╗ ███╗███████╗███╗ ██╗████████╗
██╔══██╗██╔════╝██║ ██║██╔════╝██║ ██╔═══██╗██╔══██╗████╗ ████║██╔════╝████╗ ██║╚══██╔══╝
██║ ██║█████╗ ██║ ██║█████╗ ██║ ██║ ██║██████╔╝██╔████╔██║█████╗ ██╔██╗ ██║ ██║
██║ ██║██╔══╝ ╚██╗ ██╔╝██╔══╝ ██║ ██║ ██║██╔═══╝ ██║╚██╔╝██║██╔══╝ ██║╚██╗██║ ██║
██████╔╝███████╗ ╚████╔╝ ███████╗███████╗╚██████╔╝██║ ██║ ╚═╝ ██║███████╗██║ ╚████║ ██║
╚═════╝ ╚══════╝ ╚═══╝ ╚══════╝╚══════╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝╚══════╝╚═╝ ╚═══╝ ╚═╝
```
**Dissect. Understand. Build. Defend.**
### Read /etc/disclaimer.txt
To defend against modern adversaries, you have to understand how they build their weapons. This repository is a curated resource library for security researchers, analysts and red teams, helping them master malware analysis, evasion and development techniques.
### Tree view of /resources
#### 🎓 Courses and Training
* [MalDev Academy](https://maldevacademy.com/)
* [Sektor7 - RED TEAM Operator: Malware Development Essentials](https://institute.sektor7.net/red-team-operator-malware-development-essentials)
* [Sektor7 - RED TEAM Operator: Malware Development Intermediate](https://institute.sektor7.net/rto-maldev-intermediate)
* [Sektor7 - RED TEAM Operator: Malware Development Advanced - Vol.1](https://institute.sektor7.net/rto-maldev-adv1)
* [Sektor7 - RED TEAM Operator: Malware Development Advanced - Vol.2](https://institute.sektor7.net/rto-maldev-adv2)
* [Zero-Point Security - C2 Development in C#](https://training.zeropointsecurity.co.uk/courses/c2-development-in-csharp)
* [Udemy - Malware Development Course 2023: From Zero to Hero](https://www.udemy.com/course/malware-development-beginner-level/)
* [Udemy - Practical Linux Malware Development](https://www.udemy.com/course/practical-linux-malware-development/)
* [Malware on Steroids by Dark Vortex](https://0xdarkvortex.dev/training-programs/malware-on-steroids/)
* [Windows Kernel Rootkits](https://www.codemachine.com/trainings/kerrkt.html)
#### 🛠️ Tools and Frameworks
* [Havoc (NEW 2024–2026)](https://github.com/HavocFramework/Havoc) – Modern, customizable C2 framework with a polished GUI.
* [Sliver](https://github.com/BishopFox/sliver) – Cross-platform implant framework.
* [Mythic](https://github.com/MythicAgents) – Highly modular cross-platform C2.
#### 🎥 YouTube Material
* [Malware Evasion Techniques: API Unhooking](https://www.youtube.com/@sonianuj)
* [I Created Malware With Python (it's SCARY easy!!)](https://www.youtube.com/watch?v=UtMMjXOlRQc)
* [Malware Development Series - crr0ww](https://www.youtube.com/@crr0ww)
* [Cosmodium CyberSecurity Playlist](https://www.youtube.com/playlist?list=PL_dk67mLCSFHa5jDNvEuXuoafMHmTjn32)
* [I Became a Malware Developer Series](https://www.youtube.com/watch?v=LuUhox_C5yg&list=PL1jK3K11NINhvnr7Y3iGu8eLKec72Sl7D)
* [Malware 101 Series](https://www.youtube.com/watch?v=s0suCUwwikA&list=PLXlzLNcZf2-8RnKqZIYYetIuG7rnUmYz-)
### Read /var/materials.log
#### 📄 Online Reading and Articles
* [EDR Bypass Techniques - Cymulate](https://cymulate.com/blog/edr-bypass-part-2-techniques/)
* [Malware Development Tricks - Cocomelonc](https://cocomelonc.github.io/malware/2023/01/04/malware-tricks-26.html)
* [Maelstrom Series](https://pre.empt.blog/)
* [Writing Custom Backdoor Payloads With C#](https://github.com/mvelazc0/defcon27_csharp_workshop)
* [Creating a Rootkit to Learn C](https://h0mbre.github.io/Learn-C-By-Creating-A-Rootkit/#)
* [Malware Development Basics](https://github.com/cr-0w/maldev/tree/main)
* [String Obfuscation The Malware Way](https://dr4k0nia.github.io/posts/String-Obfuscation-The-Malware-Way/)
* [The Art of Malware - Bringing the Dead back to life](https://0x00sec.org/t/the-art-of-malware-bringing-the-dead-back-to-life/19599)
* [Analyzing Malware By API Calls](https://www.malwarebytes.com/blog/news/2017/10/analyzing-malware-by-api-calls)
* [Malware Dev](https://captmeelo.com/category/maldev)
* [Writing a Packer](https://dr4k0nia.github.io/posts/Writing-a-Packer/)
* [My First Malware Dev Project in C++](https://malwarexhunt.medium.com/my-first-malware-development-project-in-c-c-logger-stealer-c-c-75b9a0be0540)
* [Malware Development 101-From Zero to Non Hero [BSides-2024]](https://github.com/lsecqt/BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero/raw/refs/heads/main/Malware%20Development%20101.pptx)
#### 📚 Deep-Dive Series
**Malware Development by 0xPat**
* [Basics (Part 1)](https://0xpat.github.io/Malware_development_part_1/)
* [Anti Dynamic Analysis & sandboxes (Part 2)](https://0xpat.github.io/Malware_development_part_2/)
* [Anti-Debugging (Part 3)](https://0xpat.github.io/Malware_development_part_3/)
* [Anti Static Analysis Tricks (Part 4)](https://0xpat.github.io/Malware_development_part_4/)
* [Tips & Tricks (Part 5)](https://0xpat.github.io/Malware_development_part_5/)
* [Advanced Obfuscation with LLVM (Part 6)](https://0xpat.github.io/Malware_development_part_6/)
* [Secure Desktop Keylogger (Part 7)](https://0xpat.github.io/Malware_development_part_7/)
* [COFF Injection and In-memory Execution (Part 8)](https://0xpat.github.io/Malware_development_part_8/)
* [Hosting CLR and Managed Code Injection (Part 9)](https://0xpat.github.io/Malware_development_part_9/)
**Malware Development by sid4hack**
* [Part 1](https://sid4hack.medium.com/malware-development-part-1-ea9e26088662) | [Part 2](https://sid4hack.medium.com/malware-development-part-2-459109c50126) | [Part 3](https://sid4hack.medium.com/malware-development-part-3-669bebef79c4) | [Part 4](https://sid4hack.medium.com/malware-development-part-4-9fa5e817ed96)
* [Part 5: DLL injection into the process](https://sid4hack.medium.com/malware-development-part-5-dll-injection-into-the-process-bc7f8b63b45b)
* [Part 6: DLL hijacking](https://sid4hack.medium.com/malware-development-part-6-dll-hijacking-70bd4611a105)
* [Part 7: Advanced Code Injection](https://sid4hack.medium.com/malware-development-7-advanced-code-injection-9343e7e92bd9)
* [Part 8: Reverse Shell Via Dll Hijacking](https://sid4hack.medium.com/malware-development-part-8-reverse-shell-via-dll-hijacking-ce48f5ebbafe)
### List details of /samples_and_source.txt
#### Malware Samples and Source Code
* [VX Underground](https://vx-underground.org/Samples)
* [MalwareBazaar](https://bazaar.abuse.ch/browse/)
* [VirusTotal](https://www.virustotal.com/gui/home/search)
* [MalShare](https://malshare.com/)
* [TekDefense](http://www.tekdefense.com/downloads/malware-samples/)
* [InQuest](https://github.com/InQuest/malware-samples)
* [Malware-Feed](https://github.com/MalwareSamples/Malware-Feed/)
* [VX Underground GitHub](https://github.com/vxunderground/MalwareSourceCode)
* [GitHub Topic: Malware Source Code](https://github.com/topics/malware-source-code)
* [The Zoo](https://github.com/ytisf/theZoo)
### Read /etc/notes_and_guides
* [If you want to get good at Malware Development](https://0x00sec.org/t/if-you-want-to-get-good-at-malware-development/23466)
* [How to get into Malware Development (Makosec)](https://makosecblog.com/malware-dev/malware-development-intro/)
* [Awesome Malware Development](https://github.com/rootkit-io/awesome-malware-development)
### Run ./contribute.sh (requires admin privileges)
This repository is maintained by @TeamCyberHawkz. If you have valuable tutorials, tools or research papers, please submit them to us.
1. **Fork the repository:** create a branch to add your content.
2. **Verify the content:** make sure the resource is high quality, relevant and correctly categorized.
3. **Submit a PR:** submit your changes with a brief description of the resource.