This is a repository dedicated to researching, documenting, developing,
and ultimately, defending against various strains of malicious software.

git clone https://github.com/0xvpr/Malicious-Software-Research
cd Malicious-Software-Research
chmod +x build-image.sh run-image.sh
./build-image.sh
./run-image.sh

0. Shellcode Crafting
1. Storage Techniques
2. Injection Techniques
3. Obfuscation Techniques
4. Evasion Techniques
5. Ransomware
6. Living off the Land
7. Client Server Models
8. Keyloggers
9. Droppers
10. Hooking Techniques

0. Shellcode Crafting

• Position Independent Shellcode
• Advanced (with obfuscation) Position Independent Shellcode
• Pure Assembly Syscall (OS dependent)

1. Storage Techniques

• .data
• .text
• .rsc

2. Injection Techniques

• CreateRemoteThread

3. Obfuscation Techniques

• AES encryption
• XOR encryption
• Simple Template Metaprogramming
• Intermediate Template Metaprogramming

4. Evasion Techniques
5. Ransomware

• Simple Recursive Encryptor

6. Living off the Land
7. Client/Server models

• Windows Client to Linux Server
• Python based C2 Server

8. Keyloggers

• Simple Keylogger (windows)

9. Droppers

• Simple Dropper (windows)
• Intermediate Dropper (windows)

10. Hooking Techniques

• Absolute Jump Detour (x86_64 windows)
• Absolute Jump Detour Once (x86_64 windows)

• Reversing C++ Classes and Structures
  • Paul Vincent Sabanal & Mark Vincent Yason
• Reflective DLL Injection
  • MSF Explanation
• Executing Position Independent Shellcode from Object Files in Memory
  • Dark VortEx
• Shellcode Crafting
  • fb1h2s
• Getting Familiar with Sockets
  • ActiveXSploit