jcapellman/METL

MET&L

Malware Embedding Tool & Library

About

The purpose of this library is to provide a quick and easy way to test various methods of malware injection.

Usage

Appending

Similar to what malware researchers did back in 2019: appending benign bytes to a malicious file to circumvent both signature-based and next-generation endpoint protection products.

Two methods are available:

Append from a file path

AppendBytesFromFile(byte[] source, string embedFileName)

Append from bytes

AppendBytesFromBytes(byte[] source, byte[] embedBytes)
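
From the detection side, as an added example (not code from METL): when the source is a PE file, bytes appended by either method land after the last section's raw data, in the PE overlay, and the check below measures that region. That the source is a PE is an assumption, since the page does not say what `source` holds; the function names and the sample image are constructed for illustration.

```python
import struct

def pe_overlay_size(data: bytes) -> int:
    """Return the number of bytes past the last section's raw data (0 if none)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # The 20-byte COFF header follows the 4-byte signature.
    (num_sections,) = struct.unpack_from("<H", data, e_lfanew + 6)
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)
    table = e_lfanew + 24 + opt_size          # start of the section table
    end = table + 40 * num_sections           # end of the headers
    if end > len(data):
        raise ValueError("truncated section table")
    for i in range(num_sections):
        # SizeOfRawData is at +16 and PointerToRawData at +20 of each 40-byte entry.
        raw_size, raw_ptr = struct.unpack_from("<II", data, table + 40 * i + 16)
        if raw_size:
            end = max(end, raw_ptr + raw_size)
    return max(0, len(data) - end)

def overlay_report(data: bytes) -> dict:
    """Summarise the overlay so a triage rule can threshold on size or fraction."""
    size = pe_overlay_size(data)
    return {"file_size": len(data), "overlay_size": size,
            "overlay_fraction": size / len(data)}

def build_sample_pe() -> bytes:
    """Constructed sample: minimal PE32 headers plus one 0x200-byte section."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)      # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0xE0, 0x102)
    optional = b"\0" * 0xE0                                    # contents not needed here
    section = (b".text\0\0\0" + struct.pack("<IIII", 0x200, 0x1000, 0x200, 0x200)
               + b"\0" * 16)
    headers = (dos + coff + optional + section).ljust(0x200, b"\0")
    return headers + b"\xCC" * 0x200                           # section raw data

if __name__ == "__main__":
    clean = build_sample_pe()
    padded = clean + b"A" * 3072      # constructed stand-in for appended benign bytes
    for name, blob in (("clean", clean), ("padded", padded)):
        print(name, overlay_report(blob))
```

A nonzero overlay is a triage signal rather than a verdict: installers and Authenticode signatures also store data past the last section.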

Injection

A more advanced method is to convert the bytes to a Base64-encoded string and then decrypt the string on execution.

Four methods are available:

Inject with a template (PE32 is the only template as of this writing) and malicious file

InjectMalwareFromTemplate(BuiltInTemplates template, string malwareFileName)

Inject from a template file and malicious file

InjectMalwareFromTemplate(string templateName, string malwareFileName)

Inject from a source file and malicious file

InjectMalwareFromFile(string sourceFileName, string malwareFileName)

Inject from a source file and arguments

InjectMalwareFromFile(string sourceFileName, Dictionary arguments)