Good Malware Sources for Learning From

[plexus]

What are some good malware sources to read/study to learn from? I've been told that Zeus is incredibly well written and is good for studying however it is a bit outdated. Any other sources or recommendations?

 

[Sudo777]

I usually just check github. There are so many quality projects that are open source and awesome for learning.
Depends what kind of malware you are looking to study from. Give me a topic and I will send some links your way.

 

[nephilim]

You need to understand C/C++ and basic WinApi. After that make simple programs. You can check Quake3 's threads on forum. It is very useful and helpful. ( You can find books,pdf's etc on his threads)
And follow the malware content on forum. If you want ask something , just ask. Forum's users are very helpful.

 

[venkat]

You can find on github , if you have good knowlege in reverseing , its very helpful to study the any kinda malware as you wish ,

 

[heybabyone]

GitHub - m0n0ph1/Malware-Collection: Malware source code samples leaked online uploaded to GitHub for those who want to analyze the code.

Malware source code samples leaked online uploaded to GitHub for those who want to analyze the code. - m0n0ph1/Malware-Collection

github.com

You're best friend must be a github

 

[plexus]

As it was said above, Github is your friend. Also you can check vxunderground. Vxunderground also contains various malware samples, zines, papers and some APT collections. They also have github.

Well, I think it is worth saying that it is necessary to know at the proper level of C in conjunction with WinAPI and Assembly, to have the skills of reverse, understanding the target OS and etc.

I also recommend these guys:
am0nsec
Danus (That guy really loves Dwarf Fortress)
XPN
hexacorn
enigma0x3
modexp

Good luck & patience.

vxug is low quality and outdated methods, the majority of there sources are stolen. Am0nsec is incompetent, and github is alright I've read a few sources however again its outdated.

 

[plexus]

GitHub - m0n0ph1/Malware-Collection: Malware source code samples leaked online uploaded to GitHub for those who want to analyze the code.

Malware source code samples leaked online uploaded to GitHub for those who want to analyze the code. - m0n0ph1/Malware-Collection

github.com

You're best friend must be a github

outdated

 

[DildoFagins]

I can't really say that I've seen some good malware sources lately, only shit code appears here and there. Maybe someone could point at some good sources in particular?

 

[nephilim]

I can't really say that I've seen some good malware sources lately, only shit code appears here and there. Maybe someone could point at some good sources in particular?

I think his question is : "This github source codes really old and shit code. How can upgrade and update this codes? How can I this?"

 

[plexus]

I think his question is : "This github source codes really old and shit code. How can upgrade and update this codes? How can I this?"

Completly agree with Dildo Fagins. And to be honest I don't want to make another shitty Zeus clone (or something in that area). Anything uploaded to github has been thoroughly analyzed and dissected, any revolutionary techniques are the new norm for antivirus software. I'd be better off starting from scratch.

 

[GlowingOne]

-Learn some reversing.
hxxps://malwareunicorn.org/
-Reverse some of the latest malwares.
-If you find something interesting, take a note of.
-Also read some of the recent analysis.
-This forum is a really great place for devs. Read something here.

 

[bnetmstr]

I can't really say that I've seen some good malware sources lately, only shit code appears here and there. Maybe someone could point at some good sources in particular?

LeFF?

 

[DildoFagins]

LeFF?

Well, yes, why are you asking?