#redteam

Malware Development: Processes, Threads, and Handles
00:31:29

Malware Development: Processes, Threads, and Handles
crow
13,681 Views · 3 years ago

#malware #development #redteam

Welcome to Malware Development Fundamentals! This is the first part in a series where we explore common techniques, tools, and procedures (TTPs) used in the context of malware development. I will be adapting all of my blog posts on the subject of what I've learned so far in regard to this subfield of hacking, therefore, if you'd like to get a step ahead, before everyone else, consider reading more on my blog! https://crows-nest.gitbook.io/

Thank you, guys, SO MUCH for bearing with the time that it took to get this video out, during the recording/editing of this video, my AIO cooler actually broke so I had to risk my CPU's health (pretty sure it's irrevocably destroyed at this point but, the show must go on) to get this video out. Also, thank you guys so much for getting the channel to 1,000+ subscribers! That's just horrifying (and insanely exciting) to me, and I'm currently working on a Q&A special for it! Stay tuned :"D

I love you guys, enjoy.

⚠️ Disclaimer:
The information presented in this video is for educational purposes only. It is not intended to be used for illegal or malicious activities. The creator and any individuals involved in the production of this video are not responsible for any misuse of the information provided. It is the responsibility of the viewer to ensure that they comply with all relevant laws and regulations in their jurisdiction.

🔖 My Socials:
avatar/mascot made with picrew: https://picrew.me/en/image_maker/1108773
- full credits to the artist: https://twitter.com/mimisentakosen
- visit her shop: https://coconala.com/services/....1871766?ref=profile_
official discord server: https://dsc.gg/crow-academy
https://crows-nest.gitbook.io/
https://github.com/cr-0w
https://twitter.com/cr0ww_

💖 Support My Work:
https://www.patreon.com/cr0w
https://ko-fi.com/cr0ww
https://www.buymeacoffee.com/cr0w

📹 Videos/Channels Featured:
https://www.youtube.com/@x0reaxeax
https://www.youtube.com/@peppidesu
https://www.youtube.com/watch?v=fo3-J4jhuB4
https://www.youtube.com/watch?v=2OPDTdXLef8
https://www.youtube.com/watch?v=Nxu6GlDleqA

❤️ Websites Featured:
https://crows-nest.gitbook.io/crows-nest/malware-development/
https://learn.microsoft.com/en....-us/windows/win32/ap
https://cocomelonc.github.io/
https://blog.xpnsec.com/
https://www.ired.team/
https://mohamed-fakroud.gitbook.io/

The images and music used in this video are used under the principle of fair use for the purpose of criticism, comment, news reporting, teaching, scholarship, and research. I do not claim ownership of any of the images/music and they are used solely for the purpose of enhancing the content of the video. I respect the rights of the creators and owners of these images and will remove any image upon request by the rightful owner.

Copyright Disclaimer under section 107 of the Copyright Act of 1976, allowance is made for “fair use” for purposes such as criticism, comment, news reporting, teaching, scholarship, education, and research. Fair use is a use permitted by copyright statute that might otherwise be infringing.

🕰️ Timestamps:
00:00 - Intro
00:43 - Malware Development Series
01:24 - Prerequisites
02:43 - Processes
08:09 - Threads
10:12 - Handles
11:39 - Windows API
13:39 - Windows API: MessageBox
22:33 - Windows API: CreateProcess
30:30 - Homework
31:02 - Outro

Malware Development II: Process Injection
01:06:21

Malware Development II: Process Injection
crow
7,895 Views · 3 years ago

#malware #development #redteam

Pork is airborne and hell hath frozen over; MALDEV PART 2 IS FINALLY OUT! Thank you, guys, so much for bearing with my RNG upload schedules (I don't even know if the word "schedule" can even be associated with me). Please enjoy the newest installment of our ongoing Malware Development series. As always, you can find more on my blog here: https://crows-nest.gitbook.io/

In the next video, we'll be taking a look at the lower-level NTAPI from NTDLL, and perhaps some system calls! I am going to be taking a bit of a break since this video almost obliterated my soul; I'm a one-man team and this takes forever, especially when it's an hour long. I sincerely hope you guys found some use for this video, and once again, thank you for being here and watching. I will catch you guys later :)

I love you guys, enjoy.

⚠️ Disclaimer:
The information presented in this video is for educational purposes only. It is not intended to be used for illegal or malicious activities. The creator and any individuals involved in the production of this video are not responsible for any misuse of the information provided. It is the responsibility of the viewer to ensure that they comply with all relevant laws and regulations in their jurisdiction.

🔖 My Socials:
avatar/mascot made with picrew: https://picrew.me/en/image_maker/1108773
- full credits to the artist: https://twitter.com/mimisentakosen
- visit her shop: https://coconala.com/services/....1871766?ref=profile_
official discord server: https://dsc.gg/crow-academy
https://crows-nest.gitbook.io/
https://github.com/cr-0w
https://twitter.com/cr0ww_

💖 Support My Work:
https://www.patreon.com/cr0w
https://ko-fi.com/cr0ww
https://www.buymeacoffee.com/cr0w

🎵 Music/Videos Used:
https://www.youtube.com/@KronoMuzik = https://www.youtube.com/watch?v=WfMClt3K5K4
https://www.youtube.com/@SuperLofiWorld = https://www.youtube.com/watch?v=LTphVIore3A
https://www.youtube.com/@jonathanwebster1452 = https://www.youtube.com/watch?v=LBj8xtVb9cI

❤️ Websites Featured:
https://www.elastic.co/blog/te....n-process-injection-
https://learn.microsoft.com/en....-us/windows/win32/ap
https://crows-nest.gitbook.io
https://crows-nest.gitbook.io/crows-nest/malware-development/process-injection/shellcode-injection
https://crows-nest.gitbook.io/crows-nest/malware-development/process-injection/dll-injection

The images and music used in this video are used under the principle of fair use for the purpose of criticism, comment, news reporting, teaching, scholarship, and research. I do not claim ownership of any of the images/music and they are used solely for the purpose of enhancing the content of the video. I respect the rights of the creators and owners of these images and will remove any image upon request by the rightful owner.

Copyright Disclaimer under section 107 of the Copyright Act of 1976, allowance is made for “fair use” for purposes such as criticism, comment, news reporting, teaching, scholarship, education, and research. Fair use is a use permitted by copyright statute that might otherwise be infringing.

🕰️ Timestamps:
00:00 - Intro
01:18 - Prerequisites
03:52 - Small Disclaimer
04:44 - What is Process Injection?
06:58 - Shellcode Injection
38:37 - Generating Shellcode
41:05 - Starting The Listener
41:36 - Performing The Injection
42:36 - Next Step
43:12 - What is a DLL?
45:03 - Creating a DLL
50:42 - DLL Injection
1:01:20 - Performing The Injection II
1:03:53 - Common Pitfalls
1:05:11 - Outro