Malware development from beginner to expert

Accompanying video on YouTube for the lecture below. Check it out now, and please subscribe and like the video.

NOTE: Hey friends, last year I quit my job; now I am a full-time freelancer and IT security teacher.

This is my take on malware development, where we are going to develop from a prototype that is already out there into something much more powerful.

If you are a cybersecurity professional, a pen tester or a red teamer, having the skills to write undetectable malware is great and very rewarding.

Pros tend to use tools like Metasploit, LordPE, Shellter, Veil, Armitage and others to accomplish given tasks, but there is always a high possibility of getting caught by the SOC team's AV solutions, and that is not good.

Another reason to write your FUD malware from scratch is to eliminate the need for Metasploit, since it can handle only one connection at a time, whereas during red teaming we always need a CnC server solution that can handle and control all the target machines together, just like a botnet.

So in this series we are going to begin our journey of learning malware development while at the same time applying software engineering principles, cryptography, forensics, networking and obfuscation, from the basic principles to the most advanced ones seen in the wild.

OUR ROAD MAP (OUT OF ORDER)

Simple malware (prototype)
Basics of software engineering
Choosing a software methodology to follow
Rewriting our malware from scratch
Digital forensics basics
Basics of penetration testing
Basics of red teaming
Basics of cryptography
Windows system programming
Network programming
Driver and kernel programming
Adding rootkit features to our product

I shall add others to the mix as needed.

Prerequisites
Python programming skills (videos will be available soon)
C/C++ programming skills

FUNCTIONALITY OF OUR PROTOTYPE

whoami function
pwd function
ls function
move/ copy function
delete file function
download file function
upload file function

One thing to avoid is executing most of the commands via the command shell through the Win API, the reason being that it becomes easier for endpoint monitoring tools to detect anomalies and figure out that it is a suspicious binary, even though we can evade anti-virus software easily.

But we should still write this code, because you never know when you might need to execute shell commands or run PowerShell/VBS/batch scripts remotely, and secondly, it is the easiest way to start as a beginner learning malware development.

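The prototype's local file commands listed above, as an added example written for this thread (my own illustration, not the poster's prototype and not sak1to-shell), in Python since it is the first listed prerequisite. Each handler calls the operating system directly through the standard library (os.scandir, shutil.copy2, shutil.move, os.remove) instead of spawning a shell, which is exactly the point made about endpoint monitoring; the `shell` handler is kept apart as the noisy fallback. In the C/C++ rewrite these map onto GetUserNameW, GetCurrentDirectoryW, FindFirstFileW/FindNextFileW, CopyFileW, MoveFileW and DeleteFileW. The download/upload commands need the C2 channel and are left out here. The `demo()` function, its scratch directory and the files it creates are constructed for the example; `dispatch()` and the handler names are my own choices.

```python
"""Prototype command handlers built on direct OS calls, not a spawned shell.
Added example for illustration; not the original post's code."""
import getpass
import os
import shlex
import shutil
import subprocess
import tempfile
from pathlib import Path


# Every handler takes a list of string arguments and returns the text the
# operator would see. None of the file handlers creates a child process.

def cmd_whoami(_args):
    try:
        return getpass.getuser()
    except (KeyError, OSError):
        # Minimal containers may have no passwd entry and no USER/LOGNAME;
        # fall back to the numeric id rather than failing the command.
        return str(os.getuid()) if hasattr(os, "getuid") else "unknown"


def cmd_pwd(_args):
    return os.getcwd()


def cmd_ls(args):
    # os.scandir is the stdlib counterpart of FindFirstFileW/FindNextFileW:
    # one directory handle, no "dir" or "ls" process.
    target = Path(args[0]) if args else Path.cwd()
    lines = []
    with os.scandir(target) as entries:
        for entry in sorted(entries, key=lambda e: e.name):
            kind = "d" if entry.is_dir(follow_symlinks=False) else "f"
            size = entry.stat(follow_symlinks=False).st_size
            lines.append(f"{kind} {size:>10} {entry.name}")
    return "\n".join(lines)


def cmd_cp(args):
    src, dst = args          # ValueError if the operator sent the wrong count
    shutil.copy2(src, dst)   # CopyFileW equivalent (keeps timestamps)
    return f"copied {src} -> {dst}"


def cmd_mv(args):
    src, dst = args
    shutil.move(src, dst)    # MoveFileW equivalent
    return f"moved {src} -> {dst}"


def cmd_rm(args):
    os.remove(args[0])       # DeleteFileW equivalent
    return f"deleted {args[0]}"


def cmd_shell(args):
    # The noisy path the post says to avoid: shell=True spawns cmd.exe / sh,
    # which is the process-creation event endpoint monitoring keys on.
    # Kept only for the cases where a script really must run remotely.
    proc = subprocess.run(" ".join(args), shell=True,
                          capture_output=True, text=True)
    return proc.stdout + proc.stderr


HANDLERS = {
    "whoami": cmd_whoami,
    "pwd": cmd_pwd,
    "ls": cmd_ls,
    "cp": cmd_cp,
    "mv": cmd_mv,
    "rm": cmd_rm,
    "shell": cmd_shell,
}


def dispatch(line):
    """Parse one operator command line and run the matching handler.

    shlex handles quoted paths containing spaces. A real agent would receive
    a structured message from the C2 rather than a text line; errors are
    returned as text so one bad command never kills the agent.
    """
    parts = shlex.split(line)
    if not parts:
        return ""
    name, args = parts[0], parts[1:]
    handler = HANDLERS.get(name)
    if handler is None:
        return f"unknown command: {name}"
    try:
        return handler(args)
    except (OSError, ValueError) as exc:
        return f"error: {exc}"


def demo():
    """Exercise the file handlers in a scratch directory (constructed input)
    and return what the operator would see for each command."""
    out = {}
    with tempfile.TemporaryDirectory() as d:
        a, b, c = (os.path.join(d, n) for n in ("a.txt", "b.txt", "c.txt"))
        with open(a, "w") as fh:
            fh.write("hello")                      # 5 bytes
        out["whoami"] = dispatch("whoami")
        out["cp"] = dispatch(f"cp {shlex.quote(a)} {shlex.quote(b)}")
        out["mv"] = dispatch(f"mv {shlex.quote(b)} {shlex.quote(c)}")
        out["rm"] = dispatch(f"rm {shlex.quote(a)}")
        out["ls"] = dispatch(f"ls {shlex.quote(d)}")   # only c.txt remains
        out["bad"] = dispatch("rm /nonexistent/zzz")   # OSError -> "error: ..."
        out["unknown"] = dispatch("frob")
    return out


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Running it prints one line per command; note that the only entry listed after the copy/move/delete sequence is c.txt with its 5-byte size, and that the failed delete comes back as an error string instead of an exception.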

There's the sak1to-shell that has the very basics for C2 communication via the C programming language, which you can use as a base during your video series.

Thanks bro, I'm glad. Let me check it out.

When does the next vid drop my friend?


Today I'm dropping the next five videos, my friend.
