介绍:
恶意软件开发课程
目录:
1.Welcome Module_files
1.Welcome Module.htm
10.Detection Mechanisms_files
10.Detection Mechanisms.htm
11.Windows Processes_files
11.Windows Processes.htm
12.Undocumented Structures_files
12.Undocumented Structures.htm
13.DataPayloadPlacement.zip
13.Payload Placement - .data & .rdata Sections_files
13.Payload Placement - .data & .rdata Sections.htm
14.Payload Placement - .text Section_files
14.Payload Placement - .text Section.htm
14.TextPayloadPlacement.zip
15.Payload Placement - .rsrc Section_files
15.Payload Placement - .rsrc Section.htm
15.ResourcePayloadPlacement.zip
16.Introduction To Payload Encryption_files
16.Introduction To Payload Encryption.htm
17.Payload Encryption - XOR_files
17.Payload Encryption - XOR.htm
17.Xor.zip
18.Payload Encryption - RC4_files
18.Payload Encryption - RC4.htm
18.Rc4.zip
19.Aes.zip
19.Payload Encryption - AES Encryption_files
19.Payload Encryption - AES Encryption.htm
2.Introduction To Malware Development_files
2.Introduction To Malware Development.htm
20.Evading Microsoft Defender Static Analysis_files
20.Evading Microsoft Defender Static Analysis.htm
20.WinDef.zip
21.IpFuscation.zip
21.Payload Obfuscation - IPv4_IPv6Fuscation_files
21.Payload Obfuscation - IPv4_IPv6Fuscation.htm
22.MacFuscation.zip
22.Payload Obfuscation - MACFucscation_files
22.Payload Obfuscation - MACFucscation.htm
23.Payload Obfuscation - UUIDFuscation_files
23.Payload Obfuscation - UUIDFuscation.htm
23.UUIDFuscation.zip
24.HellShell.zip
24.Maldev Academy Tool - HellShell_files
24.Maldev Academy Tool - HellShell.htm
25.Maldev Academy Tool - MiniShell_files
25.Maldev Academy Tool - MiniShell.htm
25.MiniShell.zip
26.Local Payload Execution - DLL_files
26.Local Payload Execution - DLL.htm
26.Local-Dll-Injection.zip
27.Local Payload Execution - Shellcode_files
27.Local Payload Execution - Shellcode.htm
27.Local-Shellcode-Exec.zip
28.Process Injection - DLL Injection_files
28.Process Injection - DLL Injection.htm
28.Remote-DLL-Injection.zip
29.Proc-Inject-Shellcode-Exec.zip
29.Process Injection - Shellcode Injection_files
29.Process Injection - Shellcode Injection.htm
3.Required Tools_files
3.Required Tools.htm
30.Payload Staging - Web Server_files
30.Payload Staging - Web Server.htm
30.WebStaging.zip
31.Payload Staging - Windows Registry_files
31.Payload Staging - Windows Registry.htm
31.Registry.zip
32.Malware Binary Signing_files
32.Malware Binary Signing.htm
33.EnumProcesses.zip
33.Process Enumeration - EnumProcesses_files
33.Process Enumeration - EnumProcesses.htm
34.NtQuerySystemInformation.zip
34.Process Enumeration - NtQuerySystemInformation_files
34.Process Enumeration - NtQuerySystemInformation.htm
35.LocalThreadHijacking.zip
35.Thread Hijacking - Local Thread Creation_files
35.Thread Hijacking - Local Thread Creation.htm
36.RemoteThreadHijacking.zip
36.Thread Hijacking - Remote Thread Creation_files
36.Thread Hijacking - Remote Thread Creation.htm
37.LocalThreadEnumHijacking.zip
37.Thread Hijacking - Local Thread Enumeration_files
37.Thread Hijacking - Local Thread Enumeration.htm
38.RemoteThreadEnumHijacking.zip
38.Thread Hijacking - Remote Thread Enumeration_files
38.Thread Hijacking - Remote Thread Enumeration.htm
39.APC Injection_files
39.APC Injection.htm
39.ApcInjection.zip
4.Coding Basics_files
4.Coding Basics.htm
40.Early Bird APC Injection_files
40.Early Bird APC Injection.htm
40.EarlyBird.zip
41.Callback Code Execution_files
41.Callback Code Execution.htm
41.Callback-Code-Execution.zip
42.Local Mapping Injection_files
42.Local Mapping Injection.htm
42.LocalMappingInjection.zip
43.Remote Mapping Injection_files
43.Remote Mapping Injection.htm
43.RemoteMappingInjection.zip
44.Local Function Stomping Injection_files
44.Local Function Stomping Injection.htm
44.LocalFunctionStomping.zip
45.Remote Function Stomping Injection_files
45.Remote Function Stomping Injection.htm
45.RemoteFunctionStomping.zip
46.Payload Execution Control_files
46.Payload Execution Control.htm
46.PayloadExecutionControl.zip
47.PPidSpoofing.zip
47.Spoofing PPID_files
47.Spoofing PPID.htm
48.ArgSpoofing-1.zip
48.Process Argument Spoofing (1)_files
48.Process Argument Spoofing (1).htm
49.ArgSpoofing-2.zip
49.Process Argument Spoofing (2)_files
49.Process Argument Spoofing (2).htm
5.Windows Architecture_files
5.Windows Architecture.htm
50.Parsing PE Headers_files
50.Parsing PE Headers.htm
50.PeParser.zip
51.String Hashing_files
51.String Hashing.htm
51.StringHashing.zip
52.IAT Hiding & Obfuscation - Introduction_files
52.IAT Hiding & Obfuscation - Introduction.htm
53.GetProcAddressReplacement.zip
53.IAT Hiding & Obfuscation - Custom GetProcAddress_files
53.IAT Hiding & Obfuscation - Custom GetProcAddress.htm
54.GetModuleHandleReplacement.zip
54.IAT Hiding & Obfuscation - Custom GetModuleHandle_files
54.IAT Hiding & Obfuscation - Custom GetModuleHandle.htm
55.ApiHashing.zip
55.IAT Hiding & Obfuscation - API Hashing_files
55.IAT Hiding & Obfuscation - API Hashing.htm
56.IAT Hiding & Obfuscation - Custom Pseudo Handles_files
56.IAT Hiding & Obfuscation - Custom Pseudo Handles.htm
57.CompileTimeApiHashing.zip
57.IAT Hiding & Obfuscation - Compile Time API Hashing_files
57.IAT Hiding & Obfuscation - Compile Time API Hashing.htm
58.API Hooking - Introduction_files
58.API Hooking - Introduction.htm
59.API Hooking - Detours Library_files
59.API Hooking - Detours Library.htm
59.DetoursLibHooking.zip
6.Windows Memory Management_files
6.Windows Memory Management.htm
60.API Hooking - Minhook Library_files
60.API Hooking - Minhook Library.htm
60.MinhookLibHooking.zip
61.API Hooking - Custom Code_files
61.API Hooking - Custom Code.htm
61.CustomTrampoline.zip
62.API Hooking - Using Windows APIs_files
62.API Hooking - Using Windows APIs.htm
62.WinApiHooking.zip
63.Syscalls - Introduction_files
63.Syscalls - Introduction.htm
64.MalDevEdr.zip
64.Syscalls - Userland Hooking_files
64.Syscalls - Userland Hooking.htm
65.Syscalls - SysWhispers_files
65.Syscalls - SysWhispers.htm
66.Syscalls - Hell's Gate_files
66.Syscalls - Hell's Gate.htm
67.Syscalls - Reimplementing Classic Injection_files
67.Syscalls - Reimplementing Classic Injection.htm
67.SyscallsClassicalInjection.zip
68.Syscalls - Reimplementing Mapping Injection_files
68.Syscalls - Reimplementing Mapping Injection.htm
68.SyscallsMappingInjection.zip
69.Syscalls - Reimplementing APC Injection_files
69.Syscalls - Reimplementing APC Injection.htm
69.SyscallsApcInjection.zip
7.Introduction To The Windows API_files
7.Introduction To The Windows API.htm
70.Anti-Analysis - Introduction_files
70.Anti-Analysis - Introduction.htm
71.Anti-Debugging - Multiple Techniques_files
71.Anti-Debugging - Multiple Techniques.htm
71.AntiDebugTechs.zip
72.Anti-Debugging - Self-Deletion_files
72.Anti-Debugging - Self-Deletion.htm
72.SelfDeletion.zip
73.Anti-Virtual Environments - Multiple Techniques_files
73.Anti-Virtual Environments - Multiple Techniques.htm
73.AntiVirtualEnvTechs.zip
74.Anti-Virtual Environments - Multiple Delay Execution Techniques_files
74.Anti-Virtual Environments - Multiple Delay Execution Techniques.htm
74.DelayExecution.zip
75.Anti-Virtual Environments - API Hammering_files
75.Anti-Virtual Environments - API Hammering.htm
75.ApiHammering.zip
76.Binary Entropy Reduction_files
76.Binary Entropy Reduction.htm
76.EntropyCalc.zip
77.Brute Force Decryption_files
77.Brute Force Decryption.htm
77.BruteForce.zip
78.KeyGuard.zip
78.MalDev Academy Tool - KeyGuard_files
78.MalDev Academy Tool - KeyGuard.htm
79.CRT Library Removal & Malware Compiling_files
79.CRT Library Removal & Malware Compiling.htm
8.Portable Executable Format_files
8.Portable Executable Format.htm
80.IAT Camouflage_files
80.IAT Camouflage.htm
80.IatCamouflage.zip
81.Bypassing AVs_files
81.Bypassing AVs.htm
81.Bypassing-AVs.zip
82.Introduction To EDRs_files
82.Introduction To EDRs.htm
83.NTDLL Unhooking - Introduction_files
83.NTDLL Unhooking - Introduction.htm
84.DiskUnhooking.zip
84.NTDLL Unhooking - From Disk_files
84.NTDLL Unhooking - From Disk.htm
85.KnownDllUnhooking.zip
85.NTDLL Unhooking - From KnownDlls Directory_files
85.NTDLL Unhooking - From KnownDlls Directory.htm
86.NTDLL Unhooking - From a Suspended Process_files
86.NTDLL Unhooking - From a Suspended Process.htm
86.SuspendedProcessUnhooking.zip
87.NTDLL Unhooking - From a Web Server_files
87.NTDLL Unhooking - From a Web Server.htm
87.ServerUnhooking.zip
88.HellsGateUpdated.zip
88.Updating Hell's Gate_files
88.Updating Hell's Gate.htm
89.HellsHall.zip
89.Indirect Syscalls - HellsHall_files
89.Indirect Syscalls - HellsHall.htm
9.Dynamic-Link Library_files
9.Dynamic-Link Library.htm
90.Block DLL Policy_files
90.Block DLL Policy.htm
90.BlockDllPolicy.zip
91.Diving Into NtCreateUserProcess_files
91.Diving Into NtCreateUserProcess.htm
91.NtCreateUserProcess.zip
Modules_files
Modules.htm下载链接:
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容