RED TEAM Operator: Malware Development Essentials Course
Buy now
Learn more
Intro and Setup
Introduction
Development VM Setup
RTO-Win10.ova
RTO-maldev.zip
Portable Executable
PE files - format and structure
PE Bear - looking inside
Generating EXE vs DLL
PE compilation
Droppers
Where to store payloads?
Storing payloads in code section
Data section as a container
Payloads in resource section
Obfuscation and Hiding
Encoding and Encryption
Payload encoding
Encrypting payloads - XOR
Encrypting payloads - AES
Antivirus vs call obfuscation
Implementing function call obfuscation
Backdoors and Trojans
Backdooring PE theory
Making Putty a trojan
Code Injection
What is code injection?
Injecting code into remote process
Implementing code injection
Loading DLLs into remote process
DLL generator and injector
Extras
Making program invisible
Combined Project
Dropper overview
Dropper implementation
Bypassing Windows Defender
Assignment
Summary
Course closing information
Products
Course
Section
Lesson
PE Bear - looking inside
PE Bear - looking inside
RED TEAM Operator: Malware Development Essentials Course
Buy now
Learn more
Intro and Setup
Introduction
Development VM Setup
RTO-Win10.ova
RTO-maldev.zip
Portable Executable
PE files - format and structure
PE Bear - looking inside
Generating EXE vs DLL
PE compilation
Droppers
Where to store payloads?
Storing payloads in code section
Data section as a container
Payloads in resource section
Obfuscation and Hiding
Encoding and Encryption
Payload encoding
Encrypting payloads - XOR
Encrypting payloads - AES
Antivirus vs call obfuscation
Implementing function call obfuscation
Backdoors and Trojans
Backdooring PE theory
Making Putty a trojan
Code Injection
What is code injection?
Injecting code into remote process
Implementing code injection
Loading DLLs into remote process
DLL generator and injector
Extras
Making program invisible
Combined Project
Dropper overview
Dropper implementation
Bypassing Windows Defender
Assignment
Summary
Course closing information