Skip to content
/ Rust-for-Malware-Development Public
forked from Whitecat18/Rust-for-Malware-Development

This repository contains my complete resources and coding practices for malware development using Rust 🦀.

License

MIT license
8 stars 170 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

killvxk/Rust-for-Malware-Development

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

182 Commits
BSOD
BSOD
 
 
Basics
Basics
 
 
EDRChecker
EDRChecker
 
 
Encryption Methods
Encryption Methods
 
 
Enumeration
Enumeration
 
 
Exec_Extern
Exec_Extern
 
 
Linux-MaLDeV/RustXSpy
Linux-MaLDeV/RustXSpy
 
 
Malware-Samples
Malware-Samples
 
 
Malware_Tips
Malware_Tips
 
 
MessageBoxes
MessageBoxes
 
 
NtApi
NtApi
 
 
Persistence
Persistence
 
 
Process-Injection
Process-Injection
 
 
Process
Process
 
 
Recon/extract_wifi
Recon/extract_wifi
 
 
Reverse Shell
Reverse Shell
 
 
Self-Deletion-Techniques
Self-Deletion-Techniques
 
 
Sleep_Obfuscations/Ekko
Sleep_Obfuscations/Ekko
 
 
Test_phase
Test_phase
 
 
Threads
Threads
 
 
Windows_Threads
Windows_Threads
 
 
analysis
analysis
 
 
dll_injection
dll_injection
 
 
images
images
 
 
keylog_dropper
keylog_dropper
 
 
keylogger
keylogger
 
 
obfuscation
obfuscation
 
 
shellcode_exec
shellcode_exec
 
 
timer
timer
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
api_hooking.rs
api_hooking.rs
 
 
deps.md
deps.md
 
 
docker.md
docker.md
 
 
evade_vm.rs
evade_vm.rs
 
 
find.exe
find.exe
 
 
maldev_rust.png
maldev_rust.png
 
 
syscalls.rs
syscalls.rs
 
 

Repository files navigation

Rust for Malware Development

This repository contains source codes of various techniques used by real-world malware authors, red teamers, threat actors, state-sponsored hacking groups etc. These techniques are well-researched and implemented in Rust.

Repository managed by @5mukx


Note: These are my own research and implementations, derived from the original authors' work. If you discover any errors in these codes, please contact or contribute to this repository.

Basics

To Learn Rust -> Rust Book

Windows API [old]-(winapi)-> WinAPI

Windows API (by Official Microsoft) -> WinAPI

ntapi Crate -> NtAPI

Windows Internels -> Link

RedTeam Notes -> Link

Manifest dependencies for winapi to test and execute

Copy the dependencics in Cargo.toml file

[dependencies]
winapi = { version = "0.3.9", features = ["winuser","setupapi","dbghelp","wlanapi","winnls","wincon","fileapi","sysinfoapi", "fibersapi","debugapi","winerror", "wininet" , "winhttp" ,"synchapi","securitybaseapi","wincrypt","psapi", "tlhelp32", "heapapi","shellapi", "memoryapi", "processthreadsapi", "errhandlingapi", "winbase", "handleapi", "synchapi"] }
ntapi = "0.4.1"
user32-sys = "0.2.0"

Tips for Rust Beginners: Copy and save the dependencies in Cargo.toml File. Versions may be different. Just copy the features when testing.

  • How to Compile this Repository Source Codes README.
  • Cross Compilation Using Docker README..

Rust Malware Blogs regarding this Repostitory

⚠️ These Resources are only for Education Purposes Only ⚠️

About

This repository contains my complete resources and coding practices for malware development using Rust 🦀.

Resources

Readme

License

MIT license
Activity

Stars

8 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Rust 100.0%