  1. RED TEAM Operator: Malware Development Essentials Course

  2. Intro and Setup

    1. Introduction
    2. Development VM Setup
    3. RTO-Win10.ova
    4. RTO-maldev.zip
  3. Portable Executable

    1. PE files - format and structure
    2. PE Bear - looking inside
    3. Generating EXE vs DLL
    4. PE compilation
  4. Droppers

    1. Where to store payloads?
    2. Storing payloads in code section
    3. Data section as a container
    4. Payloads in resource section
  5. Obfuscation and Hiding

    1. Encoding and Encryption
    2. Payload encoding
    3. Encrypting payloads - XOR
    4. Encrypting payloads - AES
    5. Antivirus vs call obfuscation
    6. Implementing function call obfuscation
  6. Backdoors and Trojans

    1. Backdooring PE theory
    2. Making Putty a trojan
  7. Code Injection

    1. What is code injection?
    2. Injecting code into remote process
    3. Implementing code injection
    4. Loading DLLs into remote process
    5. DLL generator and injector
  8. Extras

    1. Making program invisible
  9. Combined Project

    1. Dropper overview
    2. Dropper implementation
    3. Bypassing Windows Defender
    4. Assignment
  10. Summary

    1. Course closing information

PE Bear - looking inside
