This repository is part of my effort to make Bootkit & Rootkit development more accessible. Setting up a proper environment for low-level development can be tedious and time-consuming, so the scripts provided here automate the setup process, making it easier to configure and start experimenting with bootkits and rootkits.
- Setting Up the Environment for Developing Bootkits and Rootkits on Windows
- Setting Up the Environment for Developing Bootkits and Rootkits on Linux
- Additional Resources
- Example Projects
- Contact
This PowerShell script is meticulously crafted to automate the setup of a development environment specifically tailored for creating UEFI Bootkits and Kernel Rootkits on Windows. It streamlines the otherwise manual and time-consuming tasks of installing necessary tools and configuring TianoCore EDK2 (EFI Development Kit) and WDK (Windows Driver Kit), allowing developers to focus more on bootkits/rootkits innovation and less on setup 😉.
To automate the creation and setup of your development environment, follow these steps:
- Open PowerShell (some options require administrator permissions):
  - Open PowerShell by searching for it in the Start Menu.
  - For administrator permissions, right-click PowerShell and select Run as Administrator.
- Set the Execution Policy (Optional):
  - If you encounter an error related to script execution, you can temporarily change the execution policy by running `Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass`. This allows scripts to run in the current session without permanently changing system settings. Alternatively, to remove all restrictions, use `Set-ExecutionPolicy Unrestricted`. Unlike the first command, this one is not limited to the current session: without `-Scope` it changes the LocalMachine policy and stays in effect until you change it back.
- Navigate to the Script Directory:
  - Use the `cd` command to navigate to the folder containing the script.
- Execute the Script:
  - Run the script by entering `.\Setup_Development_Environment_Windows.ps1`.
- Follow the Prompts:
  - Respond to the on-screen prompts to select your desired action.
The script simplifies the following steps:
```
==============================================================================================
Overview:
- PowerShell Script for Automating Bootkits/Rootkits Development Environment Setup in Windows
Note:
- All options have been tested on the latest version of Windows 11 24H2
LinkedIn:
- https://www.linkedin.com/in/vazquez-vazquez-alejandro/
Github:
- https://github.com/TheMalwareGuardian/
==============================================================================================
------------------------------------------- MENU ---------------------------------------------
BOOTKITS
1a. Bootkits - Requirements -> Visual Studio 2019 Community + Git + Python + NASM + ASL
1b. Bootkits - Set Up Environment -> EDK2
1c. Bootkits - Tools -> UEFITool + HxD + OpenSSL
1d. Bootkits - PoCs -> UEFI Applications + DXE Runtime Drivers
DEBUGGING
2a. Debugging - Requirements -> WinDbg
2b. Debugging - Set Up Environment -> Enable Debugging
2c. Debugging - Tools -> Microsoft Sysinternals Suite + Process Hacker
2d. Debugging - Scripting -> PoCs - WinDbg Classic + JavaScript + Python PYKD + WinDbg Extensions
2e. Debugging - Debugging Diagram -> Host (Debugger) + Target (Debugee)
ROOTKITS
3a. Rootkits - Requirements -> Visual Studio 2022 Community + SDK + WDK + Visual Studio Code
3b. Rootkits - Set Up Environment -> Enable Test Mode + Disable Integrity Checks
3c. Rootkits - Tools -> OSR Driver Loader + Ghidra + IDA Free
3d. Rootkits - PoCs -> Kernel Mode Drivers & Console Applications
RESOURCES
4a. Resources - My Repositories -> A compilation of resources dedicated to bootkit and rootkit development
PROGRAM TERMINATION
Q. Exit
----------------------------------------------------------------------------------------------
Choose an option: 1a
You have selected the option 'Bootkits - Requirements -> Visual Studio 2019 Community + Git + Python + NASM + ASL + OpenSSL'
Do you want to proceed? (Press 'Y'):
```
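Options 2b and 3b in the menu above change how the machine boots (kernel debugging, Test Mode, disabled integrity checks), and those settings persist until they are reverted. The following added example, which is not part of the repository's script, lists which of them are active and the command that turns each one off. It assumes the script applies them through the standard BCD elements `debug`, `testsigning` and `nointegritychecks`; the function name `Get-WeakenedBootSetting` is hypothetical.

```powershell
# Added example, not part of the repository's script.
# Assumption: options 2b and 3b are applied through these standard BCD elements.
$Watched = [ordered]@{
    testsigning       = @{ Meaning = 'Test Mode: test-signed kernel drivers may load'; Revert = 'bcdedit /set testsigning off' }
    nointegritychecks = @{ Meaning = 'Integrity checks disabled for this boot entry';  Revert = 'bcdedit /set nointegritychecks off' }
    debug             = @{ Meaning = 'Kernel debugging enabled';                       Revert = 'bcdedit /debug off' }
}

function Get-WeakenedBootSetting {
    # Takes the text lines printed by bcdedit and returns one object per weakened setting.
    param([string[]]$BcdLines)
    foreach ($line in $BcdLines) {
        # bcdedit prints "element<spaces>value"; English output is assumed (Yes/No values).
        if ($line -match '^\s*(\S+)\s+(.+?)\s*$') {
            $name  = $Matches[1]
            $value = $Matches[2]
            if ($Watched.Contains($name) -and $value -match '^(Yes|On)$') {
                [pscustomobject]@{
                    Element = $name
                    Value   = $value
                    Meaning = $Watched[$name].Meaning
                    Revert  = $Watched[$name].Revert
                }
            }
        }
    }
}

# Constructed sample of `bcdedit /enum '{current}'` output so the block runs offline.
$Sample = @'

Windows Boot Loader
-------------------
identifier              {current}
description             Windows 11
nx                      OptIn
testsigning             Yes
nointegritychecks       Yes
debug                   No
'@ -split '\r?\n'

# On the development machine, from an elevated prompt, audit the live store instead:
#   $lines = bcdedit /enum '{current}'
$lines = $Sample
Get-WeakenedBootSetting -BcdLines $lines | Format-Table -AutoSize -Wrap
```

Each `Revert` command takes effect at the next reboot and must be run from an elevated prompt.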
To make it even easier, I've prepared a complete video walkthrough that shows how to use the setup script step-by-step. From installing dependencies to running your first Bootkit and Rootkit builds, everything is covered visually. Watch the full video here.
🚧 Coming Soon... 🚧
This Bash script is meticulously crafted to automate the setup of a development environment specifically tailored for creating UEFI Bootkits and Kernel Rootkits on Linux. It streamlines the otherwise manual and time-consuming tasks of installing necessary tools and configuring TianoCore EDK2 (EFI Development Kit), allowing developers to focus more on bootkits/rootkits innovation and less on setup 😉.
Work in progress. Stay tuned for updates!
| Feature | Status |
|---|---|
| Environment Setup | 🔄 In Progress |
| Documentation | 🔄 In Progress |
| Malware Examples | ⏳ Researching |
To automate the creation and setup of your development environment, follow these steps:
- Open a Terminal
  - You can do this by pressing Ctrl+Alt+T or launching your terminal application.
- Navigate to the Script Directory
  - Use the `cd` command to go to the folder where the script is located.
- Make the Script Executable
  - Before running the script for the first time, you may need to set the executable permission: `chmod +x Setup_Development_Environment_Linux.sh`
- Execute the Script
  - Run the script by typing `./Setup_Development_Environment_Linux.sh`
- Follow the Prompts
  - The script may offer a menu or prompt for options. Choose the ones that match your setup needs.
The script simplifies the following steps:
```
==============================================================================================
Overview:
- Bash Script for Automating Bootkits/Rootkits Development Environment Setup in Linux
Note:
- All options have been tested on Ubuntu 22.04 LTS
LinkedIn:
- https://www.linkedin.com/in/vazquez-vazquez-alejandro/
Github:
- https://github.com/TheMalwareGuardian/
==============================================================================================
------------------------------------------- MENU ---------------------------------------------
BOOTKITS
1a. Bootkits - Requirements -> GCC + Git + Python + NASM + ASL
1b. Bootkits - Set Up Environment -> EDK2
1c. Bootkits - Tools -> OpenSSL + efitools + sbsigntools
1d. Bootkits - Create Keys -> Generate UEFI test keys and certificates
ROOTKITS
3a. Rootkits - Requirements -> Kernel headers
PROGRAM TERMINATION
Q. Exit
----------------------------------------------------------------------------------------------
Choose an option: 1a
[!] You have selected the option 'Bootkits - Requirements -> GCC + Git + Python + NASM + ASL'
[?] Do you want to proceed? (Press 'Y'):
```
To help both beginners and experienced developers, I've also put together a collection of useful materials, including videos, articles, malware examples, and other resources to deepen your understanding of bootkits and rootkits:
📌 TheMalwareGuardian: Awesome Bootkits & Rootkits Development Resources
If you're looking for simple Bootkit & Rootkit projects to get started, check out these repositories, where I share foundational examples to help you build your own:
📌 TheMalwareGuardian: Abyss - Windows UEFI Bootkit
📌 TheMalwareGuardian: Benthic - Windows Rootkit
If you have questions, need further clarification, or are interested in collaboration, feel free to reach out via LinkedIn.


