This project is a collection of the code I wrote while learning windows malware development. Starting from knowing nothing about malware development, windows internals, or creating red team infrastructure; I ended up creating a piece of malware that can be used as a RAT, Ransomware, and even as a botnet. Each module covers a topic, and contains documented code snippets intended to help people who want a hands-on learning experience.
- 01: Processess, Threads, and Handles
- 02: Process Injection
- 03: DLL Injection/Hijacking
- 04: Reflective DLL Injection
- 05: Anti-sandboxing
- 06: Keylogger
- 07: Basic Anti-Debugging
- 08: Self-Deleting Malware
- 09: NTAPI Injection
- 10: Direct Syscalls
- 11: Indirect Syscalls
- 12: Intro to Syswhisper
- 13: Cryptography
- 14: Simple Ransomware
- 15: Command and Control (C2)
- 16: Command and Control (C2) - Part 2
- 17: Putting it All Together
This software is developed for educational and research purposes only. The creator of this software, assumes no liability for any misuse of this software and provides it as-is without warranty of any kind.
Users are solely responsible for ensuring that their use of this software complies with all applicable laws and regulations, including the Computer Fraud and Abuse Act (CFAA) and other relevant cybersecurity laws. This software is designed to simulate malware for the purpose of studying its behaviors and impacts in a controlled and lawful environment, such as penetration testing authorized by the system owner.
The following uses of this software are explicitly prohibited and constitute a violation of the terms of use:
Activities that could cause harm to individuals, organizations, or digital systems. Any use that contributes to the creation, distribution, or operation of malicious software in real-world applications or environments without explicit, written authorization from all parties involved.
This software is provided without any guarantees or warranty. In association with the product, I (Thomas Jordan) makes no warranties of any kind, either express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, or non-infringement of intellectual property rights.
In no event shall I (Thomas Jordan) be liable for any direct, indirect, incidental, special, exemplary, or consequential damages (including, but not limited to, procurement of substitute goods or services; loss of use, data, or profits; or business interruption) however caused and on any theory of liability, whether in contract, strict liability, or tort (including negligence or otherwise) arising in any way out of the use of this software, even if advised of the possibility of such damage.
By downloading, accessing, or using this software, you acknowledge that you have read this disclaimer, understand it, and agree to be bound by its terms and conditions. You also acknowledge that you are legally capable of entering into binding contracts, and that you are using this software at your own risk, under the guidelines and for the purposes explicitly outlined above.