Arasimnida/README.md

🧑‍🔬☣️ whoami 🧪

Hi. I build Windows malware in Rust just to understand how these things work.
How code becomes presence, how persistence is earned, and how a program becomes something more than just a file and becomes a nightmare.

They're not just binaries. They're creatures.
They adapt, persist, and sometimes outsmart the system.

Rust is the tool. Curiosity is the motive.
I like the moment when it starts to act like it's alive.

⚠️ WARNING

The code is provided for educational and research purposes only. You are solely responsible for how you use it. Test everything in isolated, controlled environments. Never deploy outside lab conditions.

Malware is illegal and for nerds.


🛠 Projects I’m exploring ¯\_(ツ)_/¯

Manual in-memory PE loading in Rust. No touching disk, no LoadLibrary.
Implements relocations, imports, TLS, memory protections, and DllMain execution.

Goal: Digital BSL-4.

Non-exhaustive collection of classic and modern DLL/shellcode injection methods.
Everything modular and runnable from the CLI.

Goal: Understand how Windows injectors work.

Rust crate developed with a friend for detecting analysis environments:

  • Tooling presence, MAC patterns, sandbox artifacts, user interaction checks
  • Inspired by academic papers and real-world malware

Goal: Explore dynamic analysis evasion.


🧬 Home-Made Specimens 🦠

Basic Windows backdoor – Digital BSL-3

Simple remote access tool (RAT) using DLL injection and port knocking.
Listens silently until a custom UDP sequence is received, then opens a TCP shell for remote command execution.

Built to explore stealth activation, persistence, and remote control under user context.

Basic infostealer/spyware – Digital BSL-3

Lightweight infostealer with persistence, keylogging, and screenshot capabilities.
Grabs credentials from Chromium-based browsers and exfiltrates via Discord webhooks.

Not advanced, but useful for practicing payload chaining and basic C2 design.


📚 Resources I like

Pinned

  1. reflective-pe-loader (Public)

    Rust loader that maps and runs a 64-bit Windows DLL entirely from memory—no disk, no LoadLibrary.

    Rust 1

  2. Windows-Backdoor (Public)

    A proof‑of‑concept demonstration of a simple Windows‑based remote control tool written in Rust.

    Rust 1

  3. VIWP (Public)

    Variety of Injection Windowsx64 Primitives: non-exhaustive collection of process injection techniques

    Rust 2

  4. percept-denigrate/antilysis (Public)

    Rust library implementing state-of-the-art dynamic analysis countering techniques on Windows

    Rust 7

  5. percept-denigrate/windows-malware (Public)

    Configurable Windows malware with persistence, infostealing, keylogging and screenshot features

    Rust 7