A collection of Windows malware development techniques implemented in C for security research and red team operations.

- Encrypt: AES and RC4 shellcode encryption
- Decrypt: AES, RC4, and XOR decryption implementations
- Lib: Cryptographic library implementations
- DLL Injection: Local and remote process injection
- Shellcode Injection: Local and remote shellcode execution
- Encoding: IPv4, IPv6, MAC, and UUID format encoding
- Decoding: Corresponding decoders for obfuscated payloads
- Process enumeration and handle retrieval techniques
- Windows API-based process discovery methods
- Stage 1: Registry and webserver payload staging
- Server: Python-based payload server utilities

All samples target Windows platforms and demonstrate common evasion and execution techniques that are studied in malware analysis and used in penetration testing.

This repository is intended solely for security research, education, and authorized penetration testing. Unauthorized use of these techniques may violate laws. Use responsibly and ethically.