002 Installing Yara

Complete Malware Development & Reverse Engineering - Offensive Approach

1. Installing The Tools

001 Installing the Virtual Machine (10:40)
002 Configuring the Virtual Machine (15:14)
002 Lab Setup-v3
003 Installing Flare-VM (5:19)
004 Installing Microsoft Visual Studio 2019 Community (C++) (3:22)
005 Installing Kali Linux (for generating shellcode using Metasploit) (8:42)
006 Creating Shared Folders on Kali (3:44)

2. Building EXE and DLL and Examining PE Structure

001 Building EXE and DLL and Examining PE Structure (15:15)

3.Embedding Shellcode Payloads in EXE files

001 1-intro to embedding shellcode payload (11:37)
002 Embedding Shellcode Payload in .TEXT Section (10:43)
003 Embedding Shellcode Payload in .DATA Section (11:26)

4. Generating Shellcodes Using Metasploit in Kali Linux

001 Generating Shellcodes Using Metasploit in Kali Linux (16:33)

5.Embedding Shellcode Payload in .RSRC Section and Analyzing with xdbg

001 Intro to Embedding Shellcode in .RSRC Section (13:36)
002 Embedding Shellcode Payload in .RSRC Section and Analyzing with xdbg (10:02)

6.Testing Unpacked Dumped Shellcode Payload Using Hexeditor and a C Program

001 Testing Unpacked Dumped Shellcode Payload Using Hexeditor and a C Program (7:57)

7. Base64 Encoding of Shellcode Payload

001 Intro to Base64 Encoding of Shellcode Payload (13:23)

8. Reverse Engineering Base64 Encoded Payloads

001 Reverse Engineering Base64 Encoded Payloads (10:27)

9. XOR Encryption of Payload

001 Intro To XOR Encryption (14:54)
002 Analyzing XOR encryption payload with xdbg (3:49)

10. Reverse Engineering XOR Encryption

001 Reverse Engineering XOR Encryption (5:41)

11. AES Encryption of Payload

001 Intro to AES Encryption (10:05)
002 AES Encrypting the Payload (6:28)

12. Reverse Engineering AES Encryption Using CryptDecrypt

001 Reverse Engineering AES Encryption Using CryptDecrypt API (9:43)

13. Testing Shellcode Using Shellcode Runner

001 Testing Shellcode Using Shellcode Runner (4:50)

14. Obfuscating Functions Using GetProcAddress and XOR Encryption

001 Intro to Function Obfuscation Using GetProcAddress API (10:25)
002 Function Obfuscation Using GetProcAddress and XOR Encryption (11:26)

15. Reverse Engineering Function Obfuscation

001 Reverse Engineering Function Obfuscation (4:54)

16. Trojan Engineering Using Code Caves

001 Introduction to Trojan Engineering (12:08)
002 Using Metasploit to Create MsPaint Shellcode (6:58)
003 Testing MsPaint Shellcode with ShellcodeRunner (4:44)
004 Trojanizing Crackme1 - Part 1 (11:52)
005 Trojanizing Crackme1 - Part 2 (6:33)

17. Reverse Engineering Code Cave Trojans

001 Reverse Engineering Code Cave Trojans (7:19)
002 Testing 32-bit Shellcode with ShellcodeRunner32 (5:07)

18. Process Injection

001 Introduction to Process Injection (3:43)
002 Creating MessageBox Shellcode Using Metasploit in Kali Linux (4:19)
003 Process Injection - Part 1 - Explanation of APIs (17:20)
004 Process Injection - Part 2 - Running and Testing with Process Hacker (5:53)
005 creating messageBox shellcode uwing metasploit (4:19)

19. Detecting Process Injection and Reverse Engineering it

001 Detecting Process Injection and Reverse Engineering it (11:07)

20. Testing Process Injection Shellcode with ShellcodeRunnerInjected

001 Testing Process Injection Shellcode with ShellcodeRunnerInjected (5:56)

21. DLL Injection

001 Introduction to DLL Injection (5:47)
002 Creating 64-bit MSPaint Shellcode with Metasploit (6:15)
003 DLL Injection - Part 1 - Explanation of APIs, Building DLL and EXE files (12:00)
004 DLL Injection - Part 2 - Running and Analyzing with Process Hacker (5:41)
005 DLL Injector - version 2 - autodetecting DLL (4:32)

22.Detecting and Reverse Engineering DLL Injection

001 Detect DLL Injection and Dump DLL Shellcode (12:13)
002 Testing DLL Shellcode Using ShellcodeRunner (2:49)

23. Creating a Stealth Trojan

001 Creating a Stealth Trojan (4:11)

24. Lab Project _ Creating a Trojan with Encrypted Payload and Injection Capability

001 Introduction to Lab Project (1:17)
002 Lab Project _ Creating a Trojan with Encrypted Payload and Injection Capability (9:53)

25. Reverse Engineering the Lab Project Trojan

001 Detecting Process Injection and Dumping Explorer Memory (6:11)
002 Testing the dumped shellcode using ShellcodeRunnerInjected (4:45)

26. Anti Virus Evasion

001 Introduction to Anti Virus Evasion (4:57)
002 Installing Yara (10:06)
003 Evading Anti Virus Using Function Obfuscation and Parameter String Encryption (18:12)

27.PE Header Export Directory Structure

1. Introduction to the PE Header's Export Directory Structure (9:34)
2. Practical Walkthrough on PE Header Export Directory Structure (14:02)

28. PE Header Import Directory and IAT Structure

1. Introduction to PE Header Import Directory and IAT Structure (8:16)
2. Practical on PE Header Import Directory Structure and IAT (12:42)

29. Advanced Function Obfuscation

1. Introduction to Advanced Function Obfuscation (17:48)
2. Practical Walkthrough on Advanced Function Obfuscation (7:58)
3. Analyzing GetProcAddress in PE Studio and xdbg (4:10)

30. Thread Context Injection

1. Introduction to Thread Context Injection (5:00)
2. Explanation of APIs used in Thread Context Injection (11:35)
3. Practical Walkthrough on Thread Context Injection (4:03)

31. Map-View Code Injection

1. Introduction to Map-View Code Injection (4:37)
2. Explanation of APIs Used in Map-View Code Injection (11:20)
3. Practical Walkthrough on Map-View Code Injection (5:39)

32. APC (Asynchronous Procedure Call) Injection

1. Introduction to APC Injection (5:19)
2. Explanation of API functions used in APC Injection (4:00)
3. Practical Walkthrough on APC Injection (3:21)

33. Early Bird APC Injection

1. Introduction to Early Bird APC Injection (5:42)
2. Explanation of API functions used in Early Bird APC Injection (7:22)
3. Practical Walkthrough on Early Bird APC Injection (2:37)

34. Reflective Loading Trojans

1. Introduction to Reflective Loading (2:27)
2. Explanation of the Reflective Loading Code (11:02)
3. Practical Walkthrough on creating a Reflective-Loaded Trojan (5:56)
4. Obfuscating the Reflective Loader Strings (10:10)
5. Introduction to Shellcode Reflective DLL Injection (sRDI) (3:44)
6. Practical Walkthrough on sRDI (9:03)

35.Heaven's Gate Cross Injections

1. Introduction to 32-bit and 64-bit Cross Injections (5:56)
2. Practical Walkthrough on Classic Cross Injections (16:41)
3. Practical Walkthrough on Heaven's Gate Injection (11:35)
4. Encrypting Heaven's Gate (11:38)

36. API Hooking Using the Detours Library

1. Intro to API Hooking Using the Detours Library (5:58)
1.1 api hooking using detours
2. An Explanation of the APIs used in the Detours Technique (9:04)
3. Practical Walkthrough on Using the Detours Library (8:30)
4. Reverse Engineering Detours (4:02)

37. Hooking the IAT (Import Address Table)

1. Introduction to Hooking the IAT (2:02)
1.1 hooking the iat
2. Explanation of the IAT Hooking Code (7:58)
3. Practical Walkthrough on IAT Hooking (4:33)
4. Reverse Engineering IAT Hooking (3:49)

38.API Hooking using Inline Patch Hooking

1. Introduction to Inline Patch Hooking (2:12)
1.1 inline patch hooking
2. Explanation of Code for Patch Hooking (10:25)
3. Practical Walkthrough on Patch Hooking (3:16)
4. Reverse Engineering Patch Hooking (9:57)

39. Multiple Processes Control

1. Introduction to Multiple Processes Control (2:29)
1.1 multiple process control
2. Explanation of API used for locking processes (8:49)
3. Practical Walkthrough on multiple processes control (8:19)

40. Lab Project Password Sniffer Trojan

1. Introduction to the lab project (3:43)
2. Installing VeraCrypt (9:55)
3. Using API Monitor to hunt for the password function (9:45)
4. Explanation of the source code for the Trojan and password-sniffer DLL (20:10)
5. Building the Password Sniffer DLL (8:18)
6. Building the DLL Injector Trojan (12:11)
7. Making the Trojan stealthy (6:56)

Teach online with

002 Installing Yara

Lesson content locked

If you're already enrolled, you'll need to login.

Enroll in Course to Unlock