Malware Development 2: Advanced Injection and API Hooking
Genre: eLearning | MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 3.72 GB | Duration: 6h 38m
Genre: eLearning | MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 3.72 GB | Duration: 6h 38m
Level 2 Programming Skills for Malware Analysis and Reverse Engineering
What you'll learn
How function address resolution works
Advanced code injection techniques
Build custom reflective binary
Hooking APIs in memory
Move between 32-bit and 64-bit processes
Using IPC to control multiple process payloads
Advanced DLL Injection techniques
Heaven's Gate Cross Injections
Advanced Function Obfuscation
Thread Context Injection
Map-View Code Injection
Asynchronous Procedure Call Injection
Early Bird APC Injection
Reflective Loading Trojans
API Hooking Using the Detours Library
Import Address Table (IAT) Hooking
Inline Patch Hooking
Password Sniffing DLL Injection and Hooking
Subverting normal flow of a running process
Implementing your own API functions
and more…
Description
This course is about more advanced techniques in Malware Development. This course builds on what you have learned in Malware Development and Reverse Engineering 1: The Basics, by extending your development skills with:
advanced function obfuscation by implementing customized API calls
more advanced code injection techniques
advanced DLL injection techniques
understanding how reflective binaries work and building custom reflective DLLs
hijacking and camouflaging trojan shellcodes inside legitimate running processes
memory hooking to subvert the normal flow of a running process
exploiting the vulnerability in 32- and 64-bit process migrations
hooking the Import AddressTables (IAT) to replace it with your own functions
using inter process communication to control execution of multiple trojan processes
hooking API calls and replacing them with your own customized function
implementing DLL injection and API hooking to sniff and capture disk encryption passwords
advanced AV evasion and obfuscation techniques
and more…
You will learn first-hand from a Malware Developers’ perspective what windows API functions are commonly used in malware and finally have a deeper understanding of malware so that you will have enhanced skills when doing malware analysis later.
Learning Methodology:
Build programs that simulate Windows Trojans and Reverse Engineer them.
This will make you a better Reverse Engineer and Malware Analyst and also Penetration Tester.
The best way to understand malware is to be a Malware Developer.
Features:
Some topics will contain two parts: programming and reversing.
In the programming parts we will be writing programs that simulate trojan behavior by using API functions typically found in malware.
In the final section, there will be a Lab Project, where you will combine all the knowledge you learn to create a trojan that can survive a reboot and sniff for a disk encryption password and capture it to a file.
Everything is highly practical. No boring theory or lectures. More like walk-throughs which you can replicate and follow along.
By the end of this course, you will have the basic skills to better understand how Malware works from the programmers' point of view. This knowledge and skills are suitable for those aspiring to be Red Teamers. Even if you have no intention of creating malware, the insider knowledge and skills you gain from this course will make you a better security professional.
Also, having practical knowledge of malware development will give you a better understanding of how to reverse engineer malware. By the end of this course, you would have gained a solid foundation for understanding how hackers can exploit windows API to inject malicious code into other processes.
Suitable for:
Reverse Engineering and Malware Analysis Students
Programmers who want to know how Malware is created
Students planning on entering Malware Analysis and Reverse Engineering, or Penetration Testers as a Career Path
Penetration Testers and Ethical Hackers
Prerequisite:
Windows PC
Basic C Language
Preferably already Completed Malware Development and Reverse Engineering 1: The Basics
Who this course is for:
Reverse Engineering and Malware Analysis Students
Programmers who want to know how Malware is created
Students planning on entering Malware Analysis and Reverse Engineering or Penetration Testers as a Career Path
Penetration Testers and Ethical Hackers