RED TEAM Operator: Malware Development Intermediate Course
Intro and Setup
Course Introduction
Development VM Setup
RTO-MalDev2.ova
RTO-MDI.zip
RTO-MDI-encrypted.zip
PE madness
Revisiting PE file format
Walking through Export Address Table
Dancing with IAT
GetProcAddress/GetModuleHandle implementations
PE with no imports
Assignment
Code Injection
Classic Injection Variations
Thread Context
Sections & Views
Asynchronous Procedure Calls
EarlyBird
Assignment
Reflective DLLs
Reflective Injection Explained
ReflectiveLoader source review
Implanting RDI in source code
Shellcode RDI
Assignment
x86 vs x64
WoW64 and Heaven's Gate
Migrating between 32-bit & 64-bit processes
Hooking
API Hooking intro
Hooking with Detours
IAT hooks
In-line patching
Assignment
Payload Control via IPC
MultiPayload Control
Combined Project
Project Design
VCsniff
VCmigrate
VCpersist
Assignment #1
Assignment #2
Assignment #3
Summary
Closing words
More advanced offensive security tools (OST) development techniques in Windows, including: API hooking, 32-/64-bit migrations, reflective binaries and more.
Intro and Setup
5 Lessons
Course Introduction
Development VM Setup
RTO-MalDev2.ova
RTO-MDI.zip
RTO-MDI-encrypted.zip
PE madness
6 Lessons
Revisiting PE file format
Walking through Export Address Table
Dancing with IAT
GetProcAddress/GetModuleHandle implementations
PE with no imports
Assignment
Code Injection
6 Lessons
Classic Injection Variations
Thread Context
Sections & Views
Asynchronous Procedure Calls
EarlyBird
Assignment
Reflective DLLs
5 Lessons
Reflective Injection Explained
ReflectiveLoader source review
Implanting RDI in source code
Shellcode RDI
Assignment
x86 vs x64
2 Lessons
WoW64 and Heaven's Gate
Migrating between 32-bit & 64-bit processes
Hooking
5 Lessons
API Hooking intro
Hooking with Detours
IAT hooks
In-line patching
Assignment
Payload Control via IPC
1 Lesson
MultiPayload Control
Combined Project
7 Lessons
Project Design
VCsniff
VCmigrate
VCpersist
Assignment #1
Assignment #2
Assignment #3
Summary
1 Lesson
Closing words