Categorygithub.com/D3Ext/maldevexamples
package
0.1.5
Repository: https://github.com/d3ext/maldev.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
12
Dependents
0
Files
457 SLOC

# README

Examples

Here you can take a look at some real examples in which the maldev functions are used to perform specific tasks:

  • Shellcode Encrypter
  • Shellcode Loader (to run encrypted shellcode in memory)
  • Sandbox detector
  • Windows hashes dumper (similar to secretsdump)
  • Ransomware using AES
  • Rewrite of metasploit pattern_create.rb (DeBruijn algorithm)
  • DLL converter to shellcode

The encrypter and loader are designed to work together because the encrypter generates a random Initialization Vector and encrypts the shellcode using AES cipher with especified PSK and finally writes the shellcode to output file (the IV is appended at the beggining of the shellcode so the loader can get the dynamic IV to decrypt shellcode using PSK)

Demo

Here you can see how this examples are, they've been made to be as much descriptive as posible using logging functions, banners and colors

  • Shellcode Encrypter
  • Shellcode Loader
  • Sandbox detector
  • pattern_create.rb
  • DLL converter

# Functions

No description provided by the author
No description provided by the author