دوره RED TEAM Operator: Malware Development Intermediate Course

  • Sektor7
  • 3,740 بازدید
  • 0 نظر

This course builds on what you have learned so far by extending your development capabilities with:
  • playing with Process Environment Blocks and implementing our own function address resolution
  • more advanced code injection techniques
  • understanding how reflective binaries work and building custom reflective DLLs, either with source or binary only
  • in-memory hooking, capturing execution flow to block, monitor or evade functions of interest
  • grasping 32- and 64-bit processing and performing migrations between x86 and x64 processes
  • discussing inter process communication and how to control execution of multiple payloads

The course ends with a combined project, where you will create a custom dropper implementing discussed techniques.

You will receive a virtual machine with complete environment for developing and testing your software, and a set of source code templates which will allow you to focus on understanding the essential mechanisms instead of less important technical aspects of implementation.

Syllabus

Intro and Setup

PE madness

Code Injection

Reflective DLLs

x86 vs x64

Hooking

Payload Control via IPC

Combined Project

RED TEAM Operator: Malware Development Intermediate Course