malware-traces-generator

MalwareTracesGenerator

Generate malware traces for detection tests
Report Bug · Request Feature

📋 Table of content

• 📋 Table of content
• 👀 About the project
  • ❓ Why
• 🚀 Getting started
  • ⚙️ Prerequisites
  • 📦 Installation
  • 🥷 Quick examples
• 👷 Contributing
• 🙌 Acknowledgments
• 📚 Licenses

👀 About the project

MalwareTracesGenerator is a tool that helps you create malware traces for detection tests.

❓ Why

It's great for testing configurations, rules, or your Endpoint Detection and Response. It's not meant to fully simulate the behavior of malware, but to reproduce the steps that led to trace creation. By avoiding full and complex simulations, MalwareTracesGenerator is simple but still powerful.

🚀 Getting started

This is just one way you can build the project yourself.

⚙️ Prerequisites

You'll need Cargo and the Windows SDK to get through the installation process.

📦 Installation

This will install using crates.io. If you need more installation options, check out this page. To install it, just enter this command in your preferred terminal:

cargo install malware-traces-generator

🥷 Quick examples

Now that MalwareTracesGenerator is installed, you can start generating some traces! For example, you can spoof a process by doing the following:

mtg traces processes spoofing "cargo.exe" "explorer.exe"

Or you can generate traces from a configuration file:

mtg generate --file "traces.toml"

If you want to know more, check out the documentation.

👷 Contributing

The open source community is an awesome place to learn, inspire, and create, and we're grateful for any contributions you can make. If you're interested, we'd love your help with any kind of work.

🙌 Acknowledgments

Thanks to all the people who made the logo possible:

• AntwortEinesLebens

📚 Licenses

Distributed under the GPL 3.0 or later license.