Awesome malware development resources

snoop · April 15, 2022, 2:46am

I have made a organized list of malware development resources it’s quite hard to find em so i think it will help to anyone who want to learn malware dev, please give your feedback.

Tas-sos · April 20, 2022, 5:09am

Great work and so interesting! Thank you!

zakzallen · April 28, 2022, 2:34pm

Hmm… very intriguing. I will take a look.
Thank You!

flyturk · May 19, 2022, 1:57pm

Thanks for sharing… Good a knowledge

Verarosso · May 30, 2022, 4:35pm

Thanks! Awesome

fatehshakir · June 3, 2022, 11:05am

great work .

Sea · June 7, 2022, 1:02am

This is great. One thing that might be good for an update is a set curriculum taking newcomers from C through ASM and through additional topics.

With all of these links, it could be daunting for someone.

tig · June 7, 2022, 1:56pm

Thanks for sharing. well done

Ayamoto · June 26, 2022, 4:24pm

Do we have to learn C to make good malware or can python or bash be enough?

cipherkrytor1 · June 27, 2022, 5:56pm

i think python isnt a good language for malware dev

Ayamoto · June 27, 2022, 6:23pm

Why do you think it is not suitable

cipherkrytor1 · June 27, 2022, 6:33pm

because you habe to install python on victim pc. there are powershell scripts that can do that i think. but i am a noob bro so dont take my word.

Ayamoto · June 27, 2022, 6:55pm

Even if I put my python script in an exe, they must still have python? and C it is not the case.

Glorth · June 30, 2022, 12:04am

If it’s a .exe you don’t need Python installed.

Ayamoto · July 6, 2022, 1:42pm

That’s what I was thinking so python is cool for malware?

cpp_user · July 6, 2022, 4:46pm

As a POC malware developer, I can’t say Python is good. If you want high performance, an important part in malware, you have to learn a compiled language. I would recommend C/C++ or Go. Go is good for desktop and server malware, C/C++ for all places because it is cross platform. Python is not cross platform, so it is not good. Speaking from experience. Earlier, malware devs would use Python, but the problem was when compiling for Windows using py2exe, it would leave a lot of metadata used to identify them. So, they switched to Go. Go is easier to learn than Python, is powerful as C++/C, and is compiled, fast as well, and is high level. Go generated executables are big, so pack them with UPX. C++/C are low level languages and are more cross platform than Go, so what I did was learn C++ and Go. C++ and C can be used together, Go can be used with C, but not C++. So, what you should do is learn a low level language and a high level language. Also, Go is the easiest programming language in existence currently, so making malware will be easy in Go and it can replace C/C++ sometimes, but for mobile malware, you should use C/C++.

cpp_user · July 6, 2022, 4:47pm

Go runs on UNIX and its variants (MacOS, Linux, BSD,) and Windows, C++ on all platforms in existence currently.

C12H4Cl2F6N4OS · July 10, 2022, 8:43pm

Considering most malware uses OS specific APIs when writing malware in C/C++, means the code is not cross platform at all…

nightwolf · July 27, 2022, 3:21pm

It depends, for example, you could take a look at Sliver a C2 framework written in Go. There are things that are OS specific but a base implant can be generated for just about anything Go can compile to in theory. Really, a lot of language choice boils down to personal preference and the challenges you want to deal with.

C12H4Cl2F6N4OS · July 27, 2022, 8:56pm

If you read my comment, I explicitly state “malware in c/c++”, not Golang.