Astaroth
Moderator
Welcome to Malware Development Advanced (Vol.1) course!
ways to hide your payload inside NTFS and registry hive
- learning object enumeration alternatives in the system memory
- manipulating Process Environment Blocks to hide your module and confuse the potential defender
- finding .NET process with RWX memory ready to abuse
- detecting new process creation (from userland)
- setting up global hooks
- learning few userland rootkit techniques to hide your files, registry keys and processes
- abusing memory and hardware breakpoints for hooking
- hiding payload with Gargoyle and similar techniques
- creating custom "RPC" allowing to call any API function with any number of parameters in a remote process
- learning COFF objects, how to build, parse, load and execute them in the memory
The course ends with a custom project, employing some of the discussed techniques.
You will receive a virtual machine with complete environment for developing and testing your software, and a set of source code templates which will allow you to focus on understanding the essential mechanisms instead of less important technical aspects of implementation.
COURSE IN A NUTSHELL
You Will Learn How To
You will receive a virtual machine with complete environment for developing and testing your software, and a set of source code templates which will allow you to focus on understanding the essential mechanisms instead of less important technical aspects of implementation.
COURSE IN A NUTSHELL
You Will Learn How To
- Hide payloads in the corners of NTFS and registry
- Enumerate processes, modules and handles with alternatives
- Find a perfect process for injection
- Set up global hooks
- Use few userland rootkit techniques
- Abuse exception handlers
- Hide a payload in a memory
- Call any API (with any number of params) in a remote process
- Build custom COFF objects
What Will You Get?- Full-blown videos explaining all techniques in detail
- Transcription with English subtitles
- Text supplements with additional information (code snipets, structure definitions, technology description and context, etc.)
- Source code with code templates for rapid development
- VM image with ready-to-use development environment
Requirements- Recommended: taking Malware Development Intermediate course
- Solid understanding of operating system architecture
- Good experience with Windows OS
- Computer with min. 4 GB of RAM + 30 GB of free disk space
- VirtualBox 7.0+ installed
- Strong will to learn and having fun
Target Audience- Ethical Hackers
- Penetration Testers
- Blue Teamers
- Threat Hunters
- All security engineers/professionals wanting to learn advanced offensive tactics
You must reply in thread to view hidden text or upgrade your account to always see hidden content.