Accompanying video on YouTube for the lecture below. Check it out, and please subscribe and like the video.
NOTE: Hey friends, last year I quit my job; I am now a full-time freelancer and IT security teacher.
This is my take on malware development, where we are going to go from a prototype that is already out there to something much more powerful.
If you are a cybersecurity professional, a pen tester or a red teamer, having the skills to write undetectable malware is great and very rewarding.
Pros tend to use tools like Metasploit, LordPE, Shellter, Veil, Armitage and others to accomplish given tasks, but there is always a high possibility of getting caught by the SOC team's AV solutions, and that is not good.
Another reason to write your FUD malware from scratch is to eliminate the need for Metasploit, since it can handle only one connection at a time, whereas during red teaming we always need a CnC server solution that can handle and control all the target machines together, just like a botnet.
So in this series we are going to begin our journey of learning malware development while applying software engineering principles, cryptography, forensics, networking and obfuscation, from the basic principles up to what is used in the wild.
OUR ROAD MAP OUT OF ORDER
Simple malware (prototype)
Basics of software engineering
Choosing a software methodology to follow
Rewriting our malware from scratch
Digital forensics basics
Basics of penetration testing
Basics of red teaming
Basics of cryptography
Windows system programming
Network programming
Driver and kernel programming
Adding rootkit features to our product
We shall add others to the mix as needed
Prerequisites
Python programming skills (videos will be available soon)
C/C++ programming skills
FUNCTIONALITY OF OUR PROTOTYPE
whoami function
pwd function
ls function
move/copy function
delete file function
download file function
upload file function
One thing to avoid is executing most of the commands via the command shell through the Win API, the reason being that it becomes easier for endpoint monitoring tools to detect the anomaly and conclude that it is a suspicious binary, even though we can evade anti-virus software easily.
But we should still write this code, because you never know when you might need to execute shell commands or run PowerShell/VBS/batch scripts remotely, and secondly, it is the easiest place to start as a beginner learning malware development.
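As an added example (not code from this post), here is the detection side of the point above: a small Python checker run over constructed Sysmon-style process-creation events that flags a shell launched by an unexpected parent binary or with non-interactive switches; the parent allowlist, switch list and sample events are assumptions for illustration.

```python
# Added detection example: process-creation telemetry (fields modelled on
# Sysmon Event ID 1: ParentImage, Image, CommandLine) makes a shell spawned
# by a non-standard binary stand out. Sample events below are constructed.
from dataclasses import dataclass

SHELL_IMAGES = {"cmd.exe", "powershell.exe", "pwsh.exe", "wscript.exe", "cscript.exe"}
EXPECTED_PARENTS = {"explorer.exe", "services.exe", "svchost.exe", "taskeng.exe", "windowsterminal.exe"}
# Switches typical of scripted, non-interactive shell use (assumed list, tune per environment).
QUIET_SWITCHES = ("-enc", "-encodedcommand", "-w hidden", "-windowstyle hidden", "-nop", "-noprofile")

@dataclass
class ProcEvent:
    parent_image: str
    image: str
    command_line: str

def basename(path: str) -> str:
    """Last path component, lower-cased, accepting either slash style."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def shell_spawn_reasons(ev: ProcEvent) -> list[str]:
    """Reasons an event looks like an anomalous shell launch; [] when it does not."""
    if basename(ev.image) not in SHELL_IMAGES:
        return []
    reasons = []
    parent = basename(ev.parent_image)
    if parent not in EXPECTED_PARENTS:
        reasons.append(f"shell spawned by unexpected parent {parent}")
    cmd = ev.command_line.lower()
    hits = [s for s in QUIET_SWITCHES if s in cmd]
    if hits:
        reasons.append("non-interactive switches: " + ", ".join(hits))
    return reasons

def find_suspicious(events: list[ProcEvent]) -> dict[int, list[str]]:
    """Map event index -> reasons, for every event that triggers."""
    return {i: r for i, ev in enumerate(events) if (r := shell_spawn_reasons(ev))}

# Constructed sample telemetry: one benign interactive shell, two launched by an unknown binary.
SAMPLE_EVENTS = [
    ProcEvent(r"C:\Windows\explorer.exe", r"C:\Windows\System32\cmd.exe", "cmd.exe"),
    ProcEvent(r"C:\Users\bob\AppData\Local\Temp\update.exe", r"C:\Windows\System32\cmd.exe", 'cmd.exe /c "whoami"'),
    ProcEvent(r"C:\Users\bob\AppData\Local\Temp\update.exe", r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe", "powershell.exe -nop -w hidden -enc QUJD"),
    ProcEvent(r"C:\Windows\explorer.exe", r"C:\Program Files\Notepad++\notepad++.exe", "notepad++.exe"),
]

if __name__ == "__main__":
    for i, reasons in find_suspicious(SAMPLE_EVENTS).items():
        print(f"event {i}: " + "; ".join(reasons))
```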