Malware101

Educational 101 content on malware analysis, with code snippets for educational use, documented in posts on GitHub and Hashnode.

Install / Use

/learn @RicheByte/Malware101

Malware101: The Code That Watches You Sleep

A 100-Day Journey into Malware Development & Analysis

Everything is hand-coded.


The Invisible Threat

Ever feel like someone’s watching you online? You search for cat food once, and suddenly, your entire feed is feline-focused. It's not just coincidence. Tiny bits of code, often unnoticed, are working behind the scenes, learning everything about you.

We all click around, sign up, download stuff. Seems harmless, right? But what if just a handful of characters, a few lines of text, could open the door to your private world?


Malware101: A Glimpse into the Dark Side

We built ProjectMal100 not to do bad stuff, but to show you how easily bad stuff can happen. Think of it as showing you a picture of a dangerous spider so you know to look out for it.

A tiny script, maybe just 100 lines or even less, can do wild things. It can grab info you type. It can see what sites you visit. It can follow you around the internet. Your digital footprint suddenly looks like a neon sign flashing "MINE YOUR DATA HERE!"

Think of your phone or computer like your house. You lock the front door, right? Maybe lock the windows too. But what if there was this tiny, almost invisible crack in the wall that someone could peek through? Or worse, slip a key through? That's what some code can do. It finds the little cracks you never knew were there.


How to Stay Safe

  • Think Before You Click: Links in emails? Messages from strangers? Stop. Think. Is it real?

  • Check App Permissions: Does that game really need to know your location 24/7? Probably not.

  • Use Strong Passwords: Don't be lazy here. Mix it up.

  • Keep Software Updated: Those updates fix the little cracks. Install them.

  • Be Careful What You Share: Once it's online, it's kinda... everywhere. Guard your private stuff.


Shine a Light

Technology is amazing. It connects us, builds things, makes life easier. That's the 'light of the world' part. Using it for good, for building cool stuff, for helping people – that's the goal.

But like any powerful tool, it can be misused. Our job, if we want a better world, is to understand how it works, the good and the bad, and to use our knowledge to protect ourselves and help others understand too. Being aware is the first step to being safe.

This repo is a small piece of that understanding. Use it to learn, to question, to become more aware. Share what you learn with others. Help shine a light on the dark corners of the internet.


Connect with Me & Request Access

Stay safe out there. If you wanna chat more about this stuff or request the decryption key, find me on LinkedIn: LinkedIn Profile

To request access to the encrypted archives:

  • Send me a message on LinkedIn with:
    • Your name and affiliation (university, security company, etc.)
    • Purpose of access (course, research, certification prep, etc.)
    • Confirmation you understand the ethical use requirements

"The price of anything is the amount of life you exchange for it." - Henry David Thoreau


Disclaimer

This repository is intended for educational and research purposes only.

It contains samples of malware and exploitation techniques to help students, analysts, and researchers understand how threats work at a low level.

IMPORTANT SECURITY NOTICE:

  • All samples are encrypted with GPG to prevent unauthorized access
  • Decryption key is only provided to verified individuals with legitimate educational/research purposes
  • Do not run any of these samples on physical systems. Use isolated virtual environments only
  • Misuse of this repository may be illegal and unethical
  • Sharing the decryption key publicly is strictly prohibited

By requesting access to this code, you agree to:

  1. Use materials for educational/research purposes only
  2. Keep the decryption key confidential
  3. Take full responsibility for how the materials are used
  4. Never deploy or distribute these techniques maliciously

Project Goals

  • Teach core malware development concepts in a responsible and academic way

  • Demonstrate common evasion, obfuscation, persistence, and payload techniques

  • Develop 100 different examples ranging from beginner to advanced

  • Improve reverse engineering and malware analysis skills

  • Provide cybersecurity awareness and transparency through code.


What Makes This Project Different

  • Responsible Approach - Encryption + gated access is rare and commendable

  • Comprehensive Scope - 100+ samples covering real-world techniques

  • Ethical Foundation - Clear purpose to educate, not enable

  • Accessibility - Written in a way that's not intimidating


Structure

ProjectMal100/
├── 00 - Day - Advanced Malware Analysis Script.tar.gpg
├── 01 - Day - Boot Sector Virus.tar.gpg
├── 02 - Day - Partition Table Virus.tar.gpg
├── 04 - Day - Macro Virus Code.tar.gpg
├── ...
├── 100 - Day - Exploit Kit.tar.gpg
├── README.md  ← You're here
└── LICENSE

Encrypted Archive Protection

All malware samples are encrypted using GPG encryption to prevent unauthorized access and accidental execution.

  • Each day's work is stored as an encrypted .tar.gpg archive
  • Archives contain source code, documentation, and safe payload examples
  • Decryption key required - Contact the repository owner for access
  • This ensures only serious students and researchers can access the materials

Each archive, when decrypted, contains:

  • Source code (.c/.cpp/.py)

  • Mini README explaining the technique used

  • Safe payload or placeholder, never destructive code

  • Comments explaining every section


Techniques Covered

  • Anti-debugging and sandbox detection

  • Obfuscation & polymorphism

  • Process injection (classic, reflective, DLL)

  • Fileless execution (memory-only)

  • Keylogging, hooking, and shellcode loaders

  • Evasion tactics used in real-world malware

  • Persistence methods (registry, services, startup tasks)

  • Command-and-control (simulated for research only)

  • Cryptographic misuse in malware

  • Packers and custom encryption

This is a library of malware behavior, not a library of threats.


How to Access & Run (Education Only)

Requesting Access:

  • Contact repository owner to request the decryption key
  • Provide proof of educational intent (student ID, research affiliation, etc.)
  • Key is provided only to verified students, researchers, and security professionals

Decrypting Archives:

# Decrypt a single archive
gpg --decrypt "00 - Day - Advanced Malware Analysis Script.tar.gpg" > day00.tar

# Extract the decrypted archive
tar -xf day00.tar

Running Safely:

  • Use inside VMs only (VirtualBox/VMware)

  • Do NOT run on production or personal machines

  • Use tools like:

    • x64dbg / OllyDbg (debugging)

    • Procmon / Process Hacker (monitoring)

    • Wireshark / Fiddler (network behavior)

    • Ghidra / IDA Free (reverse engineering)
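
A defensive way to carry out the decrypt-and-extract steps above inside the analysis VM, as an added example that is not part of the repository: it lists the decrypted tar and refuses any member with an absolute or `..` path before extracting. The function names, the script name `unpack.sh` and the `samples/day00` destination are assumptions.

```bash
#!/usr/bin/env bash
# Added example (not from the repository): unpack a decrypted archive defensively.
# Function names and the destination directory are illustrative assumptions.

# Read tar member names on stdin; print those that are absolute or contain a
# ".." component. Returns 0 if all names are safe, 1 otherwise.
unsafe_members() {
    local name bad
    bad=0
    while IFS= read -r name; do
        [ -n "$name" ] || continue
        case "/$name/" in
            //* | */../*) printf '%s\n' "$name"; bad=1 ;;
        esac
    done
    return "$bad"
}

# List the tar first, refuse it if a member could land outside DEST, then
# extract without restoring archived ownership or permission bits.
safe_extract() {
    local tarfile dest listing
    tarfile=$1; dest=$2
    listing=$(tar -tf "$tarfile") || return 2
    if ! printf '%s\n' "$listing" | unsafe_members >&2; then
        echo "refusing $tarfile: member paths escape the destination" >&2
        return 1
    fi
    mkdir -p "$dest" &&
        tar -xf "$tarfile" -C "$dest" --no-same-owner --no-same-permissions
}

# Decrypt ARCHIVE.tar.gpg to a temporary tar, then hand it to safe_extract.
decrypt_and_extract() {
    local enc dest tarfile rc
    enc=$1; dest=$2; rc=0
    tarfile=$(mktemp) || return 2
    if gpg --yes --output "$tarfile" --decrypt "$enc"; then
        safe_extract "$tarfile" "$dest" || rc=$?
    else
        rc=2
    fi
    rm -f "$tarfile"
    return "$rc"
}

# Usage inside the analysis VM: ./unpack.sh "<archive>.tar.gpg" samples/day00
if [ "$#" -eq 2 ]; then
    decrypt_and_extract "$1" "$2"
fi
```

Extracting into a per-day directory keeps each sample's files separate and makes it easy to revert the VM snapshot after analysis.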


License

This project is released under the MIT License. Use for educational and ethical hacking purposes only.


❤️ Contributions

  • Want to add a sample?

  • Suggest a modern malware technique?

  • Help rewrite for better documentation?

PRs are welcome — as long as they follow the educational intent of the project.


Final Word

“Know your enemy and know yourself, and you need not fear the result of a hundred battles.” – Sun Tzu, The Art of War

In a world full of cyber threats, understanding malware is the first step to defeating it.

