This repository contains the source code of various techniques used by real-world malware authors, red teamers, threat actors, state-sponsored hacking groups, etc. These techniques are well researched and implemented in Rust.
Repository managed by @5mukx
Note: This is my own research and implementation, derived from the original authors' work. If you discover any errors in this code, please contact me or contribute to this repository.
To learn Rust -> Rust Book
Windows API [old] (winapi crate) -> WinAPI
Windows API (official Microsoft documentation) -> WinAPI
ntapi crate -> NtAPI
Windows Internals -> Link
Red Team Notes -> Link
Manifest dependencies for winapi, needed to build and run the examples.
Copy these dependencies into your Cargo.toml file:
[dependencies]
winapi = { version = "0.3.9", features = ["winuser", "setupapi", "dbghelp", "wlanapi", "winnls", "wincon", "fileapi", "sysinfoapi", "fibersapi", "debugapi", "winerror", "wininet", "winhttp", "synchapi", "securitybaseapi", "wincrypt", "psapi", "tlhelp32", "heapapi", "shellapi", "memoryapi", "processthreadsapi", "errhandlingapi", "winbase", "handleapi"] }
ntapi = "0.4.1"
user32-sys = "0.2.0"
Tip for Rust beginners: copy and save the dependencies above in your Cargo.toml file. The crate versions you get may differ from those listed; what matters when testing is that the same winapi features are enabled.