RED TEAM Operator: Malware Development Essentials Course

Intro and Setup
Introduction (3 mins)
Development VM Setup (6 mins)
RTO-Win10.ova
RTO-maldev.zip (1.94 MB)
Portable Executable
PE files - format and structure (4 mins)
PE Bear - looking inside (5 mins)
Generating EXE vs DLL (6 mins)
PE compilation (11 mins)
Droppers
Where to store payloads? (6 mins)
Storing payloads in code section (13 mins)
Data section as a container (6 mins)
Payloads in resource section (11 mins)
Obfuscation and Hiding
Encoding and Encryption (6 mins)
Payload encoding (10 mins)
Encrypting payloads - XOR (7 mins)
Encrypting payloads - AES (7 mins)
Antivirus vs call obfuscation (4 mins)
Implementing function call obfuscation (12 mins)
Backdoors and Trojans
Backdooring PE theory (5 mins)
Making Putty a trojan (21 mins)
Code Injection
What is code injection? (5 mins)
Injecting code into remote process (5 mins)
Implementing code injection (9 mins)
Loading DLLs into remote process (6 mins)
DLL generator and injector (8 mins)
Extras
Making program invisible (8 mins)
Combined Project
Dropper overview (1 min)
Dropper implementation (25 mins)
Bypassing Windows Defender (17 mins)
Assignment
Summary
Course closing information (4 mins)