A 100-Day Journey into Malware Development & Analysis
Ever feel like someone’s watching you online? You search for cat food once, and suddenly, your entire feed is feline-focused. It's not just coincidence. Tiny bits of code, often unnoticed, are working behind the scenes, learning everything about you.
We all click around, sign up, download stuff. Seems harmless, right? But what if just a handful of characters, a few lines of text, could open the door to your private world?
We built ProjectMal100 not to do bad stuff, but to show you how easily bad stuff can happen. Think of it as showing you a picture of a dangerous spider so you know to look out for it.
A tiny script, maybe just 100 lines or even less, can do wild things. It can grab info you type. It can see what sites you visit. It can follow you around the internet. Your digital footprint suddenly looks like a neon sign flashing "MINE YOUR DATA HERE!"
Think of your phone or computer like your house. You lock the front door, right? Maybe lock the windows too. But what if there was this tiny, almost invisible crack in the wall that someone could peek through? Or worse, slip a key through? That's what some code can do. It finds the little cracks you never knew were there.
- Think Before You Click: Links in emails? Messages from strangers? Stop. Think. Is it real?
- Check App Permissions: Does that game really need to know your location 24/7? Probably not.
- Use Strong Passwords: Don't be lazy here. Mix it up.
- Keep Software Updated: Those updates fix the little cracks. Install them.
- Be Careful What You Share: Once it's online, it's kinda... everywhere. Guard your private stuff.
Technology is amazing. It connects us, builds things, makes life easier. That's the 'light of the world' part. Using it for good, for building cool stuff, for helping people – that's the goal.
But like any powerful tool, it can be misused. Our job, if we want a better world, is to understand how it works, the good and the bad, and to use our knowledge to protect ourselves and help others understand too. Being aware is the first step to being safe.
This repo is a small piece of that understanding. Use it to learn, to question, to become more aware. Share what you learn with others. Help shine a light on the dark corners of the internet.
Stay safe out there. If you wanna chat more about this stuff, find me on LinkedIn: Your LinkedIn Profile
"The price of anything is the amount of life you exchange for it." - Henry David Thoreau
This repository is intended for educational and research purposes only.
It contains samples of malware and exploitation techniques to help students, analysts, and researchers understand how threats work at a low level.
Do not run any of these samples on physical systems. Use isolated virtual environments only. Misuse of this repository may be illegal and unethical.
By using this code, you agree to take full responsibility for how it is used.
- Teach core malware development concepts in a responsible and academic way
- Demonstrate common evasion, obfuscation, persistence, and payload techniques
- Develop 100 different examples ranging from beginner to advanced
- Improve reverse engineering and malware analysis skills
- Provide cybersecurity awareness and transparency through code.
100-day-mal-project/
├── Day01_ArmoredVirus/
│   ├── armored_template.c
│   └── README.md
├── Day02_PolymorphicKeylogger/
├── Day03_CodeInjection_PE/
├── ...
├── README.md ← You're here
└── LICENSE
Each folder contains:
- Source code (.c/.cpp)
- Mini README explaining the technique used
- Safe payload or placeholder, never destructive code
- Comments explaining every section

- Anti-debugging and sandbox detection
- Obfuscation & polymorphism
- Process injection (classic, reflective, DLL)
- Fileless execution (memory-only)
- Keylogging, hooking, and shellcode loaders
- Evasion tactics used in real-world malware
- Persistence methods (registry, services, startup tasks)
- Command-and-control (simulated for research only)
- Cryptographic misuse in malware
- Packers and custom encryption
This is a library of malware behavior, not a library of threats.
- Use inside VMs only (VirtualBox/VMware)
- Do NOT run on production or personal machines
- Use tools like:
  - x64dbg / OllyDbg (debugging)
  - Procmon / Process Hacker (monitoring)
  - Wireshark / Fiddler (network behavior)
  - Ghidra / IDA Free (reverse engineering)

- This project is released under the MIT License. Use for educational and ethical hacking purposes only.

- Want to add a sample?
- Suggest a modern malware technique?
- Help rewrite for better documentation?
PRs are welcome — as long as they follow the educational intent of the project.
“Know your enemy and know yourself, and you need not fear the result of a hundred battles.” – Sun Tzu, The Art of War
In a world full of cyber threats, understanding malware is the first step to defeating it.