The result of self-research and investigation of malware development tricks, evasion techniques and persistence, from zhussupov zhassulan (cocomelonc)
CNIT 126: Practical Malware Analysis
Process unhooking by reading ntdll.dll fresh copy (unhooking-by-reading-ntdll-dll-fresh-copy)
rioasmara.com
Russia Wipers Dropper (educational purposes): ZeroMemoryEx/U-Boat
github.com
<Linux~>
techniques:
crash course on linux rootkits (linux :: TheXcellerator):
xcellerator.github.io
possibly the best resource at your disposal, kernel source cross referencer: Elixir Cross Referencer, Linux source code (v6.6.5), Bootlin
elixir.bootlin.com
linux internals:
Understanding The Linux Kernel, 3rd Edition (theja0473/My-Lib-Books-1)
github.com
use google translate but these chinese people have some insane techniques:
-malware creation to data exfiltration
Repo containing different types of malware writing concepts (sufyandaredevil/MALWARE_DEV)
github.com
IHkey is win32 ransomware built using VS 2022 + C++ 17 (mr3moe/IHkey)
(Lot of technique)
github.com