#malware #development #redteam
Welcome to Malware Development Fundamentals! This is the first part in a series where we explore common techniques, tools, and procedures (TTPs) used in the context of malware development. I will be adapting all of my blog posts on the subject of what I've learned so far in regard to this subfield of hacking, so if you'd like to get a step ahead of everyone else, consider reading more on my blog! https://crows-nest.gitbook.io/
Thank you guys SO MUCH for bearing with the time it took to get this video out. During the recording/editing of this video, my AIO cooler actually broke, so I had to risk my CPU's health (pretty sure it's irrevocably destroyed at this point, but the show must go on) to get this video out. Also, thank you guys so much for getting the channel to 1,000+ subscribers! That's just horrifying (and insanely exciting) to me, and I'm currently working on a Q&A special for it! Stay tuned :"D
I love you guys, enjoy.
⚠️ Disclaimer:
The information presented in this video is for educational purposes only. It is not intended to be used for illegal or malicious activities. The creator and any individuals involved in the production of this video are not responsible for any misuse of the information provided. It is the responsibility of the viewer to ensure that they comply with all relevant laws and regulations in their jurisdiction.
🔖 My Socials:
avatar/mascot made with picrew: https://picrew.me/en/image_maker/1108773
- full credits to the artist: https://twitter.com/mimisentakosen
- visit her shop: https://coconala.com/services/....1871766?ref=profile_
official discord server: https://dsc.gg/crow-academy
https://crows-nest.gitbook.io/
https://github.com/cr-0w
https://twitter.com/cr0ww_
💖 Support My Work:
https://www.patreon.com/cr0w
https://ko-fi.com/cr0ww
https://www.buymeacoffee.com/cr0w
📹 Videos/Channels Featured:
https://www.youtube.com/@x0reaxeax
https://www.youtube.com/@peppidesu
https://www.youtube.com/watch?v=fo3-J4jhuB4
https://www.youtube.com/watch?v=2OPDTdXLef8
https://www.youtube.com/watch?v=Nxu6GlDleqA
❤️ Websites Featured:
https://crows-nest.gitbook.io/crows-nest/malware-development/
https://learn.microsoft.com/en....-us/windows/win32/ap
https://cocomelonc.github.io/
https://blog.xpnsec.com/
https://www.ired.team/
https://mohamed-fakroud.gitbook.io/
The images and music used in this video are used under the principle of fair use for the purpose of criticism, comment, news reporting, teaching, scholarship, and research. I do not claim ownership of any of the images/music and they are used solely for the purpose of enhancing the content of the video. I respect the rights of the creators and owners of these images and will remove any image upon request by the rightful owner.
Copyright Disclaimer under section 107 of the Copyright Act of 1976, allowance is made for “fair use” for purposes such as criticism, comment, news reporting, teaching, scholarship, education, and research. Fair use is a use permitted by copyright statute that might otherwise be infringing.
🕰️ Timestamps:
00:00 - Intro
00:43 - Malware Development Series
01:24 - Prerequisites
02:43 - Processes
08:09 - Threads
10:12 - Handles
11:39 - Windows API
13:39 - Windows API: MessageBox
22:33 - Windows API: CreateProcess
30:30 - Homework
31:02 - Outro
#malware #development #redteam
use code "CROW10" for 10% off your order when you checkout at Maldev Academy! https://maldevacademy.com/?ref=crow
🤖 Based on:
https://twitter.com/jonasLyk/s....tatus/13504014619859
full credits to the author of this super cool technique: https://twitter.com/jonasLyk
💖 Support My Work:
https://www.patreon.com/cr0w
https://ko-fi.com/cr0ww
https://www.buymeacoffee.com/cr0w
🔖 My Socials:
https://discord.gg/crow-academy
https://crows-nest.gitbook.io/
https://github.com/cr-0w
https://twitter.com/cr0ww_
❤ Friends Mentioned:
x0reaxeax:
- https://github.com/x0reaxeax
- https://www.youtube.com/@x0reaxeax
5pider:
- https://twitter.com/C5pider
- https://github.com/Cracked5pider
- https://www.youtube.com/@C5pider
🎵 Music/Videos Used:
Wizet, Nexon © Copyright Wizet, Nexon
https://www.youtube.com/watch?v=WfMClt3K5K4
https://www.youtube.com/watch?v=S4MBzeni9Eo&t=47s
https://www.youtube.com/watch?v=ms5ENyRH3Bs&t=55s
https://www.youtube.com/watch?v=bBRgYIvaL00
https://www.youtube.com/watch?v=U5DIddYUWUE&t=1429s
https://www.youtube.com/watch?v=N1PFETbX_1U
https://www.youtube.com/watch?v=GDjvNh_20Oo
Motion Graphics
Video used: https://www.youtube.com/watch?v=jRn3MDxESfw
YouTube Channel: https://www.youtube.com/channe....l/UCSd9fzv8UQBAC6vCI
- stock images/videos: vecteezy.com, Pexels
🌐 Websites Mentioned:
https://maldevacademy.com/
https://www.vergiliusproject.com/
https://www.geoffchappell.com/....studies/windows/km/n
https://www.geoffchappell.com/....studies/windows/km/n
https://www.sentinelone.com/bl....og/edr-vs-enterprise
https://www.sentinelone.com/bl....og/what-is-a-malware
https://usa.kaspersky.com/resource-center/definitions/heuristic-analysis
https://www.linkedin.com/pulse..../what-edr-why-import
🕰 Timestamps:
00:00 - Intro
00:32 - Disclaimer
01:10 - Why Learn Malware Development?
02:54 - Start Here!
04:57 - Antivirus
08:30 - Heuristic Detection
11:56 - EDRs
13:53 - Anti-Debugging
16:51 - Thread Environment Block
20:16 - Custom GetLastError Function
29:13 - Process Environment Block
31:16 - Custom IsDebuggerPresent Function
34:53 - PEB Patching (BeingDebugged)
38:14 - Self-Deletion
01:01:16 - Outro
#malware #development #redteam
Pork is airborne and hell hath frozen over; MALDEV PART 2 IS FINALLY OUT! Thank you guys so much for bearing with my RNG upload schedules (I don't even know if the word "schedule" can even be associated with me). Please enjoy the newest installment of our ongoing Malware Development series. As always, you can find more on my blog here: https://crows-nest.gitbook.io/
In the next video, we'll be taking a look at the lower-level NTAPI from NTDLL, and perhaps some system calls! I am going to be taking a bit of a break since this video almost obliterated my soul; I'm a one-man team and this takes forever, especially when it's an hour long. I sincerely hope you guys found some use for this video, and once again, thank you for being here and watching. I will catch you guys later :)
I love you guys, enjoy.
🔖 My Socials:
avatar/mascot made with picrew: https://picrew.me/en/image_maker/1108773
- full credits to the artist: https://twitter.com/mimisentakosen
- visit her shop: https://coconala.com/services/....1871766?ref=profile_
official discord server: https://dsc.gg/crow-academy
https://crows-nest.gitbook.io/
https://github.com/cr-0w
https://twitter.com/cr0ww_
💖 Support My Work:
https://www.patreon.com/cr0w
https://ko-fi.com/cr0ww
https://www.buymeacoffee.com/cr0w
🎵 Music/Videos Used:
https://www.youtube.com/@KronoMuzik = https://www.youtube.com/watch?v=WfMClt3K5K4
https://www.youtube.com/@SuperLofiWorld = https://www.youtube.com/watch?v=LTphVIore3A
https://www.youtube.com/@jonathanwebster1452 = https://www.youtube.com/watch?v=LBj8xtVb9cI
❤️ Websites Featured:
https://www.elastic.co/blog/te....n-process-injection-
https://learn.microsoft.com/en....-us/windows/win32/ap
https://crows-nest.gitbook.io
https://crows-nest.gitbook.io/crows-nest/malware-development/process-injection/shellcode-injection
https://crows-nest.gitbook.io/crows-nest/malware-development/process-injection/dll-injection
🕰️ Timestamps:
00:00 - Intro
01:18 - Prerequisites
03:52 - Small Disclaimer
04:44 - What is Process Injection?
06:58 - Shellcode Injection
38:37 - Generating Shellcode
41:05 - Starting The Listener
41:36 - Performing The Injection
42:36 - Next Step
43:12 - What is a DLL?
45:03 - Creating a DLL
50:42 - DLL Injection
1:01:20 - Performing The Injection II
1:03:53 - Common Pitfalls
1:05:11 - Outro