{"heading":"Contents","id":17530666,"theme":{"name":"dark","colors":{"background":"#f5f9fd","button":"#55acdb","buttonText":"#ffffff","heading":"#36434d","text":"#5e6971"},"background":{"blend":"multiply","blur":0,"contrast":75,"grayscale":100,"opacity":38,"url":null}},"button":{"text":null,"url":null},"enrollmentsClosed":false,"fileCounts":{"file":"2 files","text":"1 text file","video":"28 videos"},"includedHeading":"What's included?","preLaunch":false,"products":null,"sections":[{"id":214125,"default":true,"name":"Contents","description":null,"blocks":[]},{"id":214128,"default":false,"name":"Intro and Setup","description":"

Short introduction to malware development and setting up our test environment

","blocks":[{"id":623966,"icon":"play-circle-o","title":"Introduction","length":"3 mins","filesize":"5.88 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214128-intro-and-setup/623966-introduction"}},{"id":624919,"icon":"play-circle-o","title":"Development VM Setup","length":"6 mins","filesize":"16.5 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214128-intro-and-setup/624919-development-vm-setup"}},{"id":625288,"icon":"link","title":"RTO-Win10.ova","length":null,"filesize":null,"preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214128-intro-and-setup/625288-rto-win10-ova"}},{"id":625339,"icon":"paperclip","title":"RTO-maldev.zip","length":null,"filesize":"1.94 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214128-intro-and-setup/625339-rto-maldev-zip"}}]},{"id":214144,"default":false,"name":"Portable Executable","description":"

Explore PE files, their structure and where is a good place for your payload

","blocks":[{"id":624069,"icon":"play-circle-o","title":"PE files - format and structure","length":"4 mins","filesize":"16.6 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214144-portable-executable/624069-pe-files-format-and-structure"}},{"id":624071,"icon":"play-circle-o","title":"PE Bear - looking inside","length":"5 mins","filesize":"18.3 MB","preview":true,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214144-portable-executable/624071-pe-bear-looking-inside"}},{"id":624072,"icon":"play-circle-o","title":"Generating EXE vs DLL","length":"6 mins","filesize":"12.8 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214144-portable-executable/624072-generating-exe-vs-dll"}},{"id":624074,"icon":"play-circle-o","title":"PE compilation","length":"11 mins","filesize":"40.5 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214144-portable-executable/624074-pe-compilation"}}]},{"id":214146,"default":false,"name":"Droppers","description":"

Learn how to write custom droppers

","blocks":[{"id":624082,"icon":"play-circle-o","title":"Where to store payloads?","length":"6 mins","filesize":"11.2 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214146-droppers/624082-where-to-store-payloads"}},{"id":624089,"icon":"play-circle-o","title":"Storing payloads in code section","length":"13 mins","filesize":"46.7 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214146-droppers/624089-storing-payloads-in-code-section"}},{"id":624087,"icon":"play-circle-o","title":"Data section as a container","length":"6 mins","filesize":"24.1 MB","preview":true,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214146-droppers/624087-data-section-as-a-container"}},{"id":624088,"icon":"play-circle-o","title":"Payloads in resource section","length":"11 mins","filesize":"41.1 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214146-droppers/624088-payloads-in-resource-section"}}]},{"id":214148,"default":false,"name":"Obfuscation and Hiding","description":"

Discover how to hide your code from static and dynamic analysis

","blocks":[{"id":624096,"icon":"play-circle-o","title":"Encoding and Encryption","length":"6 mins","filesize":"11.2 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214148-obfuscation-and-hiding/624096-encoding-and-encryption"}},{"id":624101,"icon":"play-circle-o","title":"Payload encoding","length":"10 mins","filesize":"39.2 MB","preview":true,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214148-obfuscation-and-hiding/624101-payload-encoding"}},{"id":624107,"icon":"play-circle-o","title":"Encrypting payloads - XOR","length":"7 mins","filesize":"32.4 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214148-obfuscation-and-hiding/624107-encrypting-payloads-xor"}},{"id":624106,"icon":"play-circle-o","title":"Encrypting payloads - AES","length":"7 mins","filesize":"28 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214148-obfuscation-and-hiding/624106-encrypting-payloads-aes"}},{"id":624102,"icon":"play-circle-o","title":"Antivirus vs call obfuscation","length":"4 mins","filesize":"8.84 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214148-obfuscation-and-hiding/624102-antivirus-vs-call-obfuscation"}},{"id":624111,"icon":"play-circle-o","title":"Implementing function call obfuscation","length":"12 mins","filesize":"40.2 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214148-obfuscation-and-hiding/624111-implementing-function-call-obfuscation"}}]},{"id":214153,"default":false,"name":"Backdoors and Trojans","description":"

Learn how to backdoor existing software and convert it into a custom trojan.

","blocks":[{"id":624139,"icon":"play-circle-o","title":"Backdooring PE theory","length":"5 mins","filesize":"9.52 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214153-backdoors-and-trojans/624139-backdooring-pe-theory"}},{"id":624143,"icon":"play-circle-o","title":"Making Putty a trojan","length":"21 mins","filesize":"101 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214153-backdoors-and-trojans/624143-making-putty-a-trojan"}}]},{"id":214157,"default":false,"name":"Code Injection","description":"

Explore potential ways to inject your payload with classic shellcode and DLL injections

","blocks":[{"id":637143,"icon":"play-circle-o","title":"What is code injection?","length":"5 mins","filesize":"11.1 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214157-code-injection/637143-what-is-code-injection"}},{"id":624159,"icon":"play-circle-o","title":"Injecting code into remote process","length":"5 mins","filesize":"8.87 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214157-code-injection/624159-injecting-code-into-remote-process"}},{"id":624168,"icon":"play-circle-o","title":"Implementing code injection","length":"9 mins","filesize":"35 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214157-code-injection/624168-implementing-code-injection"}},{"id":624161,"icon":"play-circle-o","title":"Loading DLLs into remote process","length":"6 mins","filesize":"12.5 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214157-code-injection/624161-loading-dlls-into-remote-process"}},{"id":624171,"icon":"play-circle-o","title":"DLL generator and injector","length":"8 mins","filesize":"30.6 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214157-code-injection/624171-dll-generator-and-injector"}}]},{"id":214161,"default":false,"name":"Extras","description":"","blocks":[{"id":624179,"icon":"play-circle-o","title":"Making program invisible","length":"8 mins","filesize":"27.8 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214161-extras/624179-making-program-invisible"}}]},{"id":214164,"default":false,"name":"Combined Project","description":"

Take everything what you have learned so far, and build a new custom dropper

","blocks":[{"id":624187,"icon":"play-circle-o","title":"Dropper overview","length":"1 min","filesize":"2.53 MB","preview":true,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214164-combined-project/624187-dropper-overview"}},{"id":624198,"icon":"play-circle-o","title":"Dropper implementation","length":"25 mins","filesize":"100 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214164-combined-project/624198-dropper-implementation"}},{"id":624197,"icon":"play-circle-o","title":"Bypassing Windows Defender","length":"17 mins","filesize":"74.3 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214164-combined-project/624197-bypassing-windows-defender"}},{"id":634310,"icon":"file-text-o","title":"Assignment","length":null,"filesize":null,"preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214164-combined-project/634310-assignment"}}]},{"id":214173,"default":false,"name":"Summary","description":"","blocks":[{"id":624200,"icon":"play-circle-o","title":"Course closing information","length":"4 mins","filesize":"7.23 MB","preview":false,"buttonText":{"closed":"Enrollment is closed","preview":"Preview","purchase":"Get access","view":"View"},"urls":{"purchase":"/red-team-operator-malware-development-essentials/buy?term=full","visit":"/courses/red-team-operator-malware-development-essentials/214173-summary/624200-course-closing-information"}}]}],"showFileCount":true}