TheMalwareGuardian/Bootkits-Rootkits-Development-Environment
Automated environment setup for Bootkit & Rootkit development.
# Bootkits & Rootkits Development Environment
This repository is part of my effort to make Bootkit & Rootkit development more accessible. Setting up a proper environment for low-level development can be tedious and time-consuming, so the scripts provided here automate the setup process, making it easier to configure and start experimenting with bootkits and rootkits.
## Table of Contents
- Setting Up the Environment for Developing Bootkits and Rootkits on Windows
- Setting Up the Environment for Developing Bootkits and Rootkits on Linux
- Additional Resources
- Example Projects
- Contact
## Setting Up the Environment for Developing Bootkits and Rootkits on Windows
This PowerShell script automates the setup of a development environment tailored for creating UEFI Bootkits and Kernel Rootkits on Windows. It takes over the otherwise manual and time-consuming tasks of installing the necessary tools and configuring TianoCore EDK2 (EFI Development Kit) and the WDK (Windows Driver Kit), so developers can spend their time on bootkit/rootkit work rather than on setup.
### How to Execute
To automate the creation and setup of your development environment, follow these steps:
- Open PowerShell (some options require administrator permissions):
  - Open PowerShell by searching for it in the Start Menu.
  - For administrator permissions, right-click PowerShell and select Run as Administrator.
- Set the Execution Policy (optional):
  - If you encounter an error related to script execution, you can temporarily change the execution policy by running `Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass`. This allows scripts to run in the current session without permanently changing system settings. Alternatively, to remove all restrictions (a setting that persists beyond the current session), use `Set-ExecutionPolicy Unrestricted`.
- Navigate to the Script Directory:
  - Use the `cd` command to navigate to the folder containing the script.
- Execute the Script:
  - Run the script by entering `.\Setup_Development_Environment_Windows.ps1`.
- Follow the Prompts:
  - Respond to the on-screen prompts to select your desired action.
### Usage Example
The script simplifies the following steps:
```text
==============================================================================================
Overview:
- PowerShell Script for Automating Bootkits/Rootkits Development Environment Setup in Windows
Note:
- All options have been tested on the latest version of Windows 11 24H2
LinkedIn:
- https://www.linkedin.com/in/vazquez-vazquez-alejandro/
Github:
- https://github.com/TheMalwareGuardian/
==============================================================================================
------------------------------------------- MENU ---------------------------------------------
BOOTKITS
1a. Bootkits - Requirements -> Visual Studio 2019 Community + Git + Python + NASM + ASL
1b. Bootkits - Set Up Environment -> EDK2
1c. Bootkits - Tools -> UEFITool + HxD + OpenSSL
1d. Bootkits - PoCs -> UEFI Applications + DXE Runtime Drivers
DEBUGGING
2a. Debugging - Requirements -> WinDbg
2b. Debugging - Set Up Environment -> Enable Debugging
2c. Debugging - Tools -> Microsoft Sysinternals Suite + Process Hacker
2d. Debugging - Scripting -> PoCs - WinDbg Classic + JavaScript + Python PYKD + WinDbg Extensions
2e. Debugging - Debugging Diagram -> Host (Debugger) + Target (Debugee)
ROOTKITS
3a. Rootkits - Requirements -> Visual Studio 2022 Community + SDK + WDK + Visual Studio Code
3b. Rootkits - Set Up Environment -> Enable Test Mode + Disable Integrity Checks
3c. Rootkits - Tools -> OSR Driver Loader + Ghidra + IDA Free
3d. Rootkits - PoCs -> Kernel Mode Drivers & Console Applications
RESOURCES
4a. Resources - My Repositories -> A compilation of resources dedicated to bootkit and rootkit development
PROGRAM TERMINATION
Q. Exit
----------------------------------------------------------------------------------------------
Choose an option: 1a
You have selected the option 'Bootkits - Requirements -> Visual Studio 2019 Community + Git + Python + NASM + ASL + OpenSSL'
Do you want to proceed? (Press 'Y'):
```
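Menu option 3b enables Test Mode and disables integrity checks, which relaxes kernel driver signature enforcement on the machine where it runs. As an added example (not code from this repository), the PowerShell function below reports that boot configuration together with the Secure Boot state, so you can confirm the change landed on the lab VM rather than your host and restore it afterwards; the function name, the parsing of bcdedit's English output and the use of the SecureBoot module are my assumptions.

```powershell
# Added example, not part of the repository. Reports the signing posture that
# menu option 3b changes. Assumes 'bcdedit /enum {current}' prints lines such as
# "testsigning    Yes" (its usual English output) and needs an elevated session.
function Get-BootSigningPosture {
    [CmdletBinding()]
    param()

    # bcdedit and Confirm-SecureBootUEFI both require administrator rights.
    $identity = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = [Security.Principal.WindowsPrincipal]$identity
    if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        throw "Run this from an elevated PowerShell session."
    }

    $bcd = bcdedit /enum '{current}' 2>&1
    if ($LASTEXITCODE -ne 0) { throw "bcdedit failed: $bcd" }

    # Each boot option shows as "<name> <Yes|No>"; a missing line means the default (off).
    function Read-Flag([string]$name) {
        foreach ($line in $bcd) {
            if ($line -match "^\s*$name\s+(\S+)") { return ($Matches[1] -eq 'Yes') }
        }
        return $false
    }

    # Secure Boot must already be off for test signing to take effect; $null means
    # the firmware exposes no UEFI Secure Boot interface (e.g. legacy BIOS).
    $secureBoot = $null
    try { $secureBoot = Confirm-SecureBootUEFI -ErrorAction Stop } catch { }

    [pscustomobject]@{
        Hostname          = $env:COMPUTERNAME
        TestSigning       = Read-Flag 'testsigning'
        NoIntegrityChecks = Read-Flag 'nointegritychecks'
        SecureBoot        = $secureBoot
    }
}

$posture = Get-BootSigningPosture
$posture | Format-List
if ($posture.TestSigning -or $posture.NoIntegrityChecks) {
    Write-Warning "Driver signature enforcement is relaxed on $($posture.Hostname); expected only on the lab VM."
}
```

Running it before and after option 3b gives a before/after record you can keep with the VM snapshot.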
### Video Walkthrough
To make it even easier, I've prepared a complete video walkthrough that shows how to use the setup script step-by-step. From installing dependencies to running your first Bootkit and Rootkit builds, everything is covered visually. Watch the full video here.
Coming Soon...
## Setting Up the Environment for Developing Bootkits and Rootkits on Linux
This Bash script automates the setup of a development environment tailored for creating UEFI Bootkits and Kernel Rootkits on Linux. It takes over the otherwise manual and time-consuming tasks of installing the necessary tools and configuring TianoCore EDK2 (EFI Development Kit), so developers can spend their time on bootkit/rootkit work rather than on setup.
Work in progress. Stay tuned for updates!
| Feature | Status |
|---|---|
| Environment Setup | In Progress |
| Documentation | In Progress |
| Malware Examples | Researching |
### How to Execute
To automate the creation and setup of your development environment, follow these steps:
- Open a Terminal:
  - You can do this by pressing Ctrl+Alt+T or launching your terminal application.
- Navigate to the Script Directory:
  - Use the `cd` command to go to the folder where the script is located.
- Make the Script Executable:
  - Before running the script for the first time, you may need to set the executable permission: `chmod +x Setup_Development_Environment_Linux.sh`
- Execute the Script:
  - Run the script by typing `./Setup_Development_Environment_Linux.sh`
- Follow the Prompts:
  - The script may offer a menu or prompt for options. Choose the ones that match your setup needs.
### Usage Example
The script simplifies the following steps:
```text
==============================================================================================
Overview:
- Bash Script for Automating Bootkits/Rootkits Development Environment Setup in Linux
Note:
- All options have been tested on Ubuntu 22.04 LTS
LinkedIn:
- https://www.linkedin.com/in/vazquez-vazquez-alejandro/
Github:
- https://github.com/TheMalwareGuardian/
==============================================================================================
------------------------------------------- MENU ---------------------------------------------
BOOTKITS
1a. Bootkits - Requirements -> GCC + Git + Python + NASM + ASL
1b. Bootkits - Set Up Environment -> EDK2
1c. Bootkits - Tools -> OpenSSL + efitools + sbsigntools
1d. Bootkits - Create Keys -> Generate UEFI test keys and certificates
ROOTKITS
3a. Rootkits - Requirements -> Kernel headers
PROGRAM TERMINATION
Q. Exit
----------------------------------------------------------------------------------------------
Choose an option: 1a
[!] You have selected the option 'Bootkits - Requirements -> GCC + Git + Python + NASM + ASL'
[?] Do you want to proceed? (Press 'Y'):
```
## Additional Resources
To help both beginners and experienced developers, I've also put together a collection of useful materials, including videos, articles, malware examples, and other resources to deepen your understanding of bootkits and rootkits:
- TheMalwareGuardian: Awesome Bootkits & Rootkits Development Resources
## Example Projects
If you're looking for simple Bootkit & Rootkit projects to get started, check out these repositories, where I share foundational examples to help you build your own:
- TheMalwareGuardian: Abyss - Windows UEFI Bootkit
- TheMalwareGuardian: Benthic - Windows Rootkit
## Contact
If you have questions, need further clarification, or are interested in collaboration, feel free to reach out via LinkedIn.