Malware Development 2: Advanced Injection and API Hooking

Added by tutsnode in Other > Tutorials

  • Downloads: 142
  • Language: English

Files

Malware Development 2 Advanced Injection and API Hooking [TutsNode.com] - Malware Development 2 Advanced Injection and API Hooking
15. Lab Project Password Sniffer Trojan
  • 4. Explanation of the source code for the Trojan and password-sniffer DLL.mp4 (189.2 MB)
  • 4.1 16-labproject-passwordsniffer.zip (729.6 KB)
  • 5. Building the Password Sniffer DLL.srt (6.9 KB)
  • 4. Explanation of the source code for the Trojan and password-sniffer DLL.srt (22.1 KB)
  • 7. Making the Trojan stealthy.srt (5.6 KB)
  • 1.2 lab project - password sniffer.pptx (39.3 KB)
  • 6. Building the DLL Injector Trojan.srt (11.3 KB)
  • 3. Using API Monitor to hunt for the password function.srt (10.0 KB)
  • 7.1 winmain-signature.txt (0.2 KB)
  • 6. Building the DLL Injector Trojan.mp4 (116.8 MB)
  • 2. Installing VeraCrypt.srt (9.8 KB)
  • 1.3 notes for lab project.txt (0.7 KB)
  • 1. Introduction to the lab project.srt (3.2 KB)
  • 3. Using API Monitor to hunt for the password function.mp4 (107.3 MB)
  • 5. Building the Password Sniffer DLL.mp4 (87.0 MB)
  • 2. Installing VeraCrypt.mp4 (82.6 MB)
  • 7. Making the Trojan stealthy.mp4 (73.7 MB)
  • 1.1 lab project - password sniffer.pdf (471.8 KB)
  • 2.1 VeraCrypt Setup 1.24-Update7.zip (27.6 MB)
  • 1. Introduction to the lab project.mp4 (14.0 MB)
3. PE Header Import Directory and IAT Structure
  • 1.1 PE Header IAT Directory Structure.pdf (796.1 KB)
  • 2. Practical on PE Header Import Directory Structure and IAT.mp4 (176.4 MB)
  • 2.1 02-calc iat.zip (156.6 KB)
  • 2. Practical on PE Header Import Directory Structure and IAT.srt (12.7 KB)
  • 1. Introduction to PE Header Import Directory and IAT Structure.srt (8.5 KB)
  • 1. Introduction to PE Header Import Directory and IAT Structure.mp4 (103.0 MB)
1. How to setup a malware development lab
  • 1. How to setup a malware development lab.srt (1.3 KB)
  • 1.1 playlist on how to setup a malware dev lab.txt (0.1 KB)
  • 1. How to setup a malware development lab.mp4 (10.1 MB)
7. APC (Asynchronous Procedure Call) Injection
  • 1.2 Asynchronous Procedure Call Injection.pptx (46.3 KB)
  • 2.2 Notes on apc injection.txt (0.2 KB)
  • 2.1 06-apc_injection.zip (3.3 KB)
  • 1. Introduction to APC Injection.srt (5.2 KB)
  • 2. Explanation of API functions used in APC Injection.srt (4.4 KB)
  • 3. Practical Walkthrough on APC Injection.srt (3.0 KB)
  • 1.1 Asynchronous Procedure Call Injection.pdf (536.3 KB)
  • 2. Explanation of API functions used in APC Injection.mp4 (34.3 MB)
  • 3. Practical Walkthrough on APC Injection.mp4 (31.5 MB)
  • 1. Introduction to APC Injection.mp4 (22.7 MB)
5. Thread Context Injection
  • 2. Explanation of APIs used in Thread Context Injection.srt (13.4 KB)
  • 2.1 04-thread_context_injection.zip (68.3 KB)
  • 2.2 Notes on Thread Context Injection.txt (2.4 KB)
  • 1. Introduction to Thread Context Injection.srt (4.6 KB)
  • 3. Practical Walkthrough on Thread Context Injection.srt (3.6 KB)
  • 2. Explanation of APIs used in Thread Context Injection.mp4 (109.9 MB)
  • 1.1 Thread Context Injection.pdf (537.3 KB)
  • 3. Practical Walkthrough on Thread Context Injection.mp4 (48.2 MB)
  • 1. Introduction to Thread Context Injection.mp4 (18.5 MB)
11. API Hooking Using the Detours Library
  • 1.4 notes on api hooking using detours.txt (0.3 KB)
  • 1.3 detours article- by hunt and brubacher.pdf (97.7 KB)
  • 1.2 api hooking using detours.pptx (85.9 KB)
  • 1. Intro to API Hooking Using the Detours Library.srt (6.2 KB)
  • 2. An Explanation of the APIs used in the Detours Technique.srt (10.4 KB)
  • 3. Practical Walkthrough on Using the Detours Library.srt (9.7 KB)
  • 4. Reverse Engineering Detours.srt (4.4 KB)
  • 3. Practical Walkthrough on Using the Detours Library.mp4 (91.1 MB)
  • 2.1 12-api-hooking-using-detours.zip (585.1 KB)
  • 2. An Explanation of the APIs used in the Detours Technique.mp4 (81.4 MB)
  • 1.1 api hooking using detours.pdf (505.1 KB)
  • 4. Reverse Engineering Detours.mp4 (56.6 MB)
  • 1. Intro to API Hooking Using the Detours Library.mp4 (29.0 MB)
8. Early Bird APC Injection
  • 1.1 Early Bird APC Injection.pdf (550.6 KB)
  • 1.2 Early Bird APC Injection.pptx (75.2 KB)
  • 1. Introduction to Early Bird APC Injection.srt (5.4 KB)
  • 2.1 07-earlybird-apc-injection.zip (12.9 KB)
  • 2.2 Notes on early bird apc injection.txt (1.0 KB)
  • 3. Practical Walkthrough on Early Bird APC Injection.srt (2.7 KB)
  • 2. Explanation of API functions used in Early Bird APC Injection.srt (7.9 KB)
  • 2. Explanation of API functions used in Early Bird APC Injection.mp4 (73.5 MB)
  • 1. Introduction to Early Bird APC Injection.mp4 (25.1 MB)
  • 3. Practical Walkthrough on Early Bird APC Injection.mp4 (23.8 MB)
10. Heaven's Gate Cross Injections
  • 2. Practical Walkthrough on Classic Cross Injections.srt (16.4 KB)
  • 2. Practical Walkthrough on Classic Cross Injections.mp4 (171.8 MB)
  • 1.2 32-bit to 64-bit cross injections.pptx (45.9 KB)
  • 3. Practical Walkthrough on Heaven's Gate Injection.mp4 (133.0 MB)
  • 4. Encrypting Heaven's Gate.mp4 (131.8 MB)
  • 1.1 32-bit to 64-bit cross injections.pdf (689.5 KB)
  • 3. Practical Walkthrough on Heaven's Gate Injection.srt (11.7 KB)
  • 2.1 10-cross-injection-v1-original.zip (10.6 KB)
  • 1.3 notes on 32bit to 64bit cross injections.txt (1.1 KB)
  • 2.2 11-cross-injection-v2-encrypted.zip (10.6 KB)
  • 4. Encrypting Heaven's Gate.srt (9.8 KB)
  • 1. Introduction to 32-bit and 64-bit Cross Injections.srt (5.0 KB)
  • 1. Introduction to 32-bit and 64-bit Cross Injections.mp4 (23.8 MB)
4. Advanced Function Obfuscation
  • 1.2 obfuscating functions notes.txt (0.8 KB)
  • 1. Introduction to Advanced Function Obfuscation.mp4 (135.9 MB)
  • 1. Introduction to Advanced Function Obfuscation.srt (20.8 KB)
  • 2.1 03-advanced_function_obfuscation.zip (9.7 KB)
  • 2. Practical Walkthrough on Advanced Function Obfuscation.srt (8.8 KB)
  • 3. Analyzing GetProcAddress in PE Studio and xdbg.srt (3.6 KB)


Description

This course is about more advanced techniques in Malware Development. This course builds on what you have learned in Malware Development and Reverse Engineering 1: The Basics, by extending your development skills with:

advanced function obfuscation by implementing customized API calls

more advanced code injection techniques

advanced DLL injection techniques

understanding how reflective binaries work and building custom reflective DLLs

hijacking and camouflaging trojan shellcodes inside legitimate running processes

memory hooking to subvert the normal flow of a running process

exploiting the vulnerability in 32- and 64-bit process migrations

hooking the Import Address Table (IAT) to replace its entries with your own functions

using inter process communication to control execution of multiple trojan processes

hooking API calls and replacing them with your own customized function

implementing DLL injection and API hooking to sniff and capture disk encryption passwords

advanced AV evasion and obfuscation techniques

and more…

You will learn first-hand, from a malware developer’s perspective, which Windows API functions are commonly used in malware, and gain a deeper understanding of malware that will strengthen your skills when doing malware analysis later.

Learning Methodology:

Build programs that simulate Windows Trojans and Reverse Engineer them.

This will make you a better reverse engineer, malware analyst and penetration tester.

The best way to understand malware is to be a Malware Developer.

Features:

Some topics will contain two parts: programming and reversing.

In the programming parts we will be writing programs that simulate trojan behavior by using API functions typically found in malware.

In the final section, there will be a Lab Project, where you will combine all the knowledge you learn to create a trojan that can survive a reboot and sniff for a disk encryption password and capture it to a file.

Everything is highly practical. No boring theory or lectures. More like walk-throughs which you can replicate and follow along.

By the end of this course, you will have the basic skills to better understand how malware works from the programmer’s point of view. This knowledge and these skills are suitable for those aspiring to be Red Teamers. Even if you have no intention of creating malware, the insider knowledge and skills you gain from this course will make you a better security professional.

Also, having practical knowledge of malware development will give you a better understanding of how to reverse engineer malware. By the end of this course, you will have gained a solid foundation for understanding how hackers can exploit the Windows API to inject malicious code into other processes.

Suitable for:

Reverse Engineering and Malware Analysis Students

Programmers who want to know how Malware is created

Students planning on entering Malware Analysis and Reverse Engineering, or Penetration Testing, as a career path

Penetration Testers and Ethical Hackers

Prerequisite:

Windows PC
Basic C Language
Preferably already completed Malware Development and Reverse Engineering 1: The Basics

Who this course is for:

Reverse Engineering and Malware Analysis Students
Programmers who want to know how Malware is created
Students planning on entering Malware Analysis and Reverse Engineering, or Penetration Testing, as a career path
Penetration Testers and Ethical Hackers

Last Updated 10/2021



Torrent size: 3.7 GB



Torrent hash: 57670212992008756F064670D6FD9496705B7D6C