Maldev

Introduction

maldev aims to help malware developers, red teamers and anyone who is interested in cybersecurity. It uses native Golang code and tries to do all operations from scratch with (almost) no third-party packages. The project isn't finished yet and the API may be unstable, so your malware may break in the near future, sorry about this.

Features

These are the different categories:

  • Cryptography
    • AES
    • RC4
    • Xor
    • Base32
    • Base64
    • Md5
    • Sha1
    • Sha256
    • Sha512
    • Rot13
    • Rot47
    • Bcrypt
    • Elliptic Curve
    • Compare hashes
  • Network
    • List all interfaces
    • Get info about an interface
    • List active ports with their info
    • Check internet connection
    • Get public ip
    • Download a file from URL
    • Get status code from URL
    • Send http POST request with custom data
  • Misc
    • Generate random strings
    • Generate random integers
    • Convert dates to epoch format
    • Convert epoch to dates
    • Convert text to leet
  • Shellcode
    • Process Injection techniques
    • Get shellcode from file
    • Get shellcode from url
    • Write shellcode to file
    • Convert DLL to shellcode
  • Red Team
    • 3 different ways to dump system hashes
    • Steal token from PID (Impersonation)
    • Enable/disable Sticky Keys backdoor
    • Create malicious SCF on given path
  • Antiforensics
    • Wiping
    • Timestomping
  • Processes
    • List all processes
    • Get process name by PID
    • Get list of processes by name
  • Exec
    • Execute bash commands
    • Execute powershell commands
    • Execute cmd commands
    • Execute command with Token
  • System
    • Whoami
    • Get current dir
    • Get home dir
    • Get current user groups
    • Find installed useful software
    • List files and folders
    • Get environment variables
    • Get generic system information
    • Get SID and RID from Windows system
    • Find installed AVs/EDRs
  • Scanning
    • Ping an ip
    • Hostscan
    • Portscan
    • Enumerate all subdomains of a domain
    • Check if a domain uses http or https
    • Whois
    • Wappalyzer (identify technologies)
  • Logging
    • Status functions
    • ASCII banners
    • Progress bars
    • Colors
    • "log" and "fmt" wrappers
  • Working with slices
    • Check if contains a string
    • Check if contains a string (insensitive)
    • Remove duplicates from []string
    • Remove duplicates from []int
    • Lowercase all characters from []string entries
  • Working with files
    • Check if file exists
    • Check if path is file
    • Check if path is dir
    • Copy a file or dir (recursive)
    • Get content of a file
    • Directly create a file with content

Installation

Just execute this and it should be installed without problems:

go get -u github.com/D3Ext/maldev

Examples

In every directory there is a README.md which contains at least one example of every defined function. If you don't have enough creativity, I encourage you to check out the examples/ directory, where I've developed some good examples which use maldev functions.

TODO

🔲 Kerberos protocol implementation

☑️ Windows hashes dump

☑️ Wappalyzer web fingerprinting

🔲 Publish official package documentation (pkg.go.dev)

☑️ Convert DLL to independent shellcode

🔲 Sandbox detection and more

🔲 Stable progress bars

☑️ Wrapper functions of "fmt" and "log" packages

☑️ Whois functions

🔲 Shikata Ga Nai polymorphic encoder

☑️ Windows token impersonation

🔲 More system enumeration functions

Third party

As said above, I have tried to implement all functions from scratch, but I have also used some external packages:

columnize to create tables and columns easily

go-netstat to retrieve info about local ports

gosecretsdump used to dump hashes from SAM, NTDS and SYSTEM

BananaPhone to perform CreateRemoteThread shellcode injection technique

go-ps used to work with linux processes

go-sysinfo useful to get system information mainly for Windows

wintoken used to interact with Windows API and getting privileges info

EDRHunt used in system/ to look for installed AVs/EDRs

go-figure to create banners easily

Contributing

Do you want to contribute with any interesting idea? You're in the right place.

1. Open an issue to discuss your idea
2. Fork the repo
3. Create a branch
4. Commit your changes
5. Push to the branch
6. Create a new pull request

New features and bug reports are welcome.

Disclaimer

The creator isn't in charge of, and has no responsibility for, any kind of:

  • Unlawful or illegal use of the project.
  • Legal or Law infringement (acted in any country, state, municipality, place) by third parties and users.
  • Acts against ethics and/or human morals, and the peoples of the world.
  • Malicious act, capable of causing damage to third parties, promoted or distributed by third parties or the user through this software.

License

This project is licensed under MIT

Copyright © 2023, D3Ext
