[ent3r]

well this is smth thanks

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you feel this is incorrect.

[Notsogod]

you are the best of all

[ThatPhoenix]

Honestly thank you, great content <3

[yughartoalexei]

thank you bro for your interest

[bananoname]

Malware On Steroids
A Malware Development Training Program for Windows

Table of Contents

Day 1
• Course Overview
• Development VM Setup
• Command and Control Architecture
• Malware Lifecycle
• Payload Handling and Stage Architecture
• Windows Internals
• Windows OS architecture
• Process & Thread Internals
• Debugging with Windbg
▪ Process Environment Block
▪ Thread Environment Block
▪ Windows Loader Structure
▪ Introduction and Crash Course to WinDbg
• Windows Memory Protections
• Windows System Programming
• Windows Access Security Tokens
▪ Enumerating Privileges from Tokens
▪ Special Token Privileges
• PE & DLL Structure
• COFF header
• Stephen Fewer’s Reflective DLL Limitations
• Building a Reflective DLL Loader from Scratch
• Building a Custom Injector for Reflective DLL injections from Scratch
• Modifying Reflective DLL’s PE Sections and Memory Allocations to avoid EDR Detections
• Hiding Memory Allocations with DLL/PE Image Spoofing
• Hiding Thread Creation with Instruction Pointer Spoofing

Day 2
• Windows Socket Programming
• Reverse Shells in C
• Bind Shells in C
• Buffer Redirection with Anonymous Pipes
• Named Pipe Lateral Movement
• SpyC2 – Building your own CnC in python3, C and x64 Shellcode
• Adding Features to your C2
• Building A Persistent Synchronous TCP C2
• Building an Asynchronous C2 with HTTP Callbacks
• Building Proxy-Aware Payloads
• Evading Network Detection & Response Tools for your CnC
• C2 Authentication
• Comm Encryption
• Sleep & Jitter
• C2 Round Robins
• URI Handling
• SMB Pivoting
• Payload Logging
• Spoofing Frontend for your CnC Server
• Writing Function Pointer Arrays for Dynamic Command Execution in your C2 Payload
• Malware Functions
• Enumerating Process
• Memory Dumping Techniques
▪ MiniDumpWriteDump
▪ PssCreateSnapshot
• Privilege Enumeration
• Host Enumeration
• Building Pluggable Modules for your Command & Control Server
• Building Reflective Staged Payloads
• Building Reflection Features Inside your Payloads to Load Existing Reflective DLLs as modules.
• Process Injections
• Reflective DLL Injection
• Shellcode Injection
• Remote Threads
• In-Memory File and Section mapping
• Asynchronous Procedure Calls
• Injection Evasion Tactics
• Hiding Memory Artefacts

Day 3
• X64 Shellcoding
• Introduction to x64 Intel Assembly
• Walking PEB and hunting kernel32.dll
• Position Independent Code in C
• Extracting Shellcode from PIC
• In-Memory Object File Execution
• Writing Stage Zero x64 Shellcode and HTTP Stage-Server for Serving Initial Access Payloads
• Writing Excel 4 Macros for Initial Foothold
• Droppers and Stagers
• Initial Access with LOLBins
• MS Build, MWC Executions
• Bit-flipping Signed Executables to Evade Generic EDR detections
• Unhooking and Patching EDR Instructions in Memory with Syscalls to avoid Detections
• Sandbox Evasion & Anti-debugging Techniques
• Code Obfuscation
• Dynamic Library Calls
• Obfuscation shellcode and DLL calls
• Encrypting Your Payloads with RC4 Encryption
• AMSI Evasion
• Named Pipe Executions
• Building your own PS Exec in C
• OPSEC Considerations

Download Link:

Thank you for your post.

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Replying With Hidden Content

[Alstom4]

thanksssss brother

[rkm]

thanks for the share mate

[lastlife]

Thanks brother, good content

[e27388134]

thank you, great resource.

[ClickCrack]

Cool stuff, thanks for the knowledge