█████╗ ██╗ ██╗███████╗███████╗ ██████╗ ███╗ ███╗███████╗
██╔══██╗██║ ██║██╔════╝██╔════╝██╔═══██╗████╗ ████║██╔════╝
███████║██║ █╗ ██║█████╗ ███████╗██║ ██║██╔████╔██║█████╗
██╔══██║██║███╗██║██╔══╝ ╚════██║██║ ██║██║╚██╔╝██║██╔══╝
██║ ██║╚███╔███╔╝███████╗███████║╚██████╔╝██║ ╚═╝ ██║███████╗
╚═╝ ╚═╝ ╚══╝╚══╝ ╚══════╝╚══════╝ ╚═════╝ ╚═╝ ╚═╝╚══════╝
███╗ ███╗ █████╗ ██╗ ██╗ ██╗ █████╗ ██████╗ ███████╗
████╗ ████║██╔══██╗██║ ██║ ██║██╔══██╗██╔══██╗██╔════╝
██╔████╔██║███████║██║ ██║ █╗ ██║███████║██████╔╝█████╗
██║╚██╔╝██║██╔══██║██║ ██║███╗██║██╔══██║██╔══██╗██╔══╝
██║ ╚═╝ ██║██║ ██║███████╗╚███╔███╔╝██║ ██║██║ ██║███████╗
╚═╝ ╚═╝╚═╝ ╚═╝╚══════╝ ╚══╝╚══╝ ╚═╝ ╚═╝╚═╝ ╚═╝╚══════╝
██████╗ ███████╗██╗ ██╗███████╗██╗ ██████╗ ██████╗ ███╗ ███╗███████╗███╗ ██╗████████╗
██╔══██╗██╔════╝██║ ██║██╔════╝██║ ██╔═══██╗██╔══██╗████╗ ████║██╔════╝████╗ ██║╚══██╔══╝
██║ ██║█████╗ ██║ ██║█████╗ ██║ ██║ ██║██████╔╝██╔████╔██║█████╗ ██╔██╗ ██║ ██║
██║ ██║██╔══╝ ╚██╗ ██╔╝██╔══╝ ██║ ██║ ██║██╔═══╝ ██║╚██╔╝██║██╔══╝ ██║╚██╗██║ ██║
██████╔╝███████╗ ╚████╔╝ ███████╗███████╗╚██████╔╝██║ ██║ ╚═╝ ██║███████╗██║ ╚████║ ██║
╚═════╝ ╚══════╝ ╚═══╝ ╚══════╝╚══════╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝╚══════╝╚═╝ ╚═══╝ ╚═╝
Dissect. Understand. Build. Defend.
WARNING: The resources, code snippets, and methodologies listed in this repository are for educational and research purposes only. Do not deploy any offensive techniques against systems you do not own or have explicit permission to test. Maintainers and the contributors are not responsible for any misuse of this information.
To defend against modern adversaries, you must understand how they build their weapons. This repository serves as a curated library of resources for security researchers, analysts, and red teamers to master Malware Analysis, Evasion, and Development.
- MalDev Academy
- Sektor7 - RED TEAM Operator: Malware Development Essentials
- Sektor7 - RED TEAM Operator: Malware Development Intermediate
- Sektor7 - RED TEAM Operator: Malware Development Advanced - Vol.1
- Sektor7 - RED TEAM Operator: Malware Development Advanced - Vol.2
- Zero-Point Security - C2 Development in C#
- Udemy - Malware Development Course 2023: From Zero to Hero
- Udemy - Practical Linux Malware Development
- Malware on Steroids by Dark Vortex
- Windows Kernel Rootkits
- Havoc (NEW 2024–2026) – Modern, malleable C2 framework with beautiful GUI.
- Sliver – Cross-platform implant framework.
- Mythic – Highly modular cross-platform C2.
- Malware Evasion Techniques: API Unhooking
- I Created Malware With Python (it's SCARY easy!!)
- Malware Development Series - crr0ww
- Cosmodium CyberSecurity Playlist
- I Became a Malware Developer Series
- Malware 101 Series
- EDR Bypass Techniques - Cymulate
- Malware Development Tricks - Cocomelonc
- Maelstrom Series
- Writing Custom Backdoor Payloads With C#
- Creating a Rootkit to Learn C
- Malware Development Basics
- String Obfuscation The Malware Way
- The Art of Malware - Bringing the Dead back to life
- Analyzing Malware By API Calls
- Malware Dev
- Writing a Packer
- My First Malware Dev Project in C++
- Malware Development 101-From Zero to Non Hero [BSides-2024]
Malware Development by 0xPat
- Basics (Part 1)
- Anti Dynamic Analysis & sandboxes (Part 2)
- Anti-Debugging (Part 3)
- Anti Static Analysis Tricks (Part 4)
- Tips & Tricks (Part 5)
- Advanced Obfuscation with LLVM (Part 6)
- Secure Desktop Keylogger (Part 7)
- COFF Injection and In-memory Execution (Part 8)
- Hosting CLR and Managed Code Injection (Part 9)
Malware Development by sid4hack
- Part 1 | Part 2 | Part 3 | Part 4
- Part 5: DLL injection into the process
- Part 6: DLL hijacking
- Part 7: Advanced Code Injection
- Part 8: Reverse Shell Via Dll Hijacking
- VX Underground
- MalwareBazaar
- VirusTotal
- MalShare
- Tekdefence
- InQuest
- Malware-Feed
- VX Underground GitHub
- GitHub Topic: Malware Source Code
- The Zoo
- If you want to get good at Malware Development
- How to get into Malware Development (Makosec)
- Awesome Malware Development
This archive is maintained by the @TeamCyberHawkz. If you have a valuable tutorial, tool, or research paper, submit it.
- Fork the repo: Create a branch for your addition.
- Verify the Intel: Ensure the resource is high-quality, relevant, and properly categorized.
- Open a PR: Submit your changes with a brief description of the resource.