Malware Development and Reverse Engineering 1 : The Basics

  • Category Other
  • Type Tutorials
  • Language English
  • Total size 4.5 GB
  • Uploaded By tutsnode
  • Downloads 1633
  • Last checked 1 day ago
  • Date uploaded 4 years ago
  • Seeders 30
  • Leechers 12

Infohash : 63D1320A580D263569A35713A9490FB0359EF3DC




Description

Many malware analysts perform reverse engineering on malware without knowing the why’s. They only know the how’s. To fill that knowledge gap, I have created this course.

You will learn first-hand, from a Malware Developer’s perspective, which Windows API functions are commonly used in malware, and finally understand why you need to trace them when reversing malware.

Learning Methodology:

Build programs that simulate Windows Trojans and Reverse Engineer them.
This will make you a better Reverse Engineer, Malware Analyst and Penetration Tester.
The best way to understand malware is to be a Malware Developer.

Features:

Every topic will contain two parts: programming and reversing.
In the programming parts we will be writing programs that simulate trojan behavior by using API functions typically found in malware.
Then, in the reversing part, we take the programs that we wrote and perform reverse engineering on them.
In this way, you will, for the first time, really understand why malware analysts do what they do when reversing a piece of malware.

What you will learn:

How to compile and build executables and dynamic link libraries (DLL)
Windows API used in Malware
Creating shellcode using Metasploit on Kali Linux
Hiding shellcode payload in executable files
How to analyze and inspect memory of a running malware
Injecting Shellcode into running processes
Creating Remote Threads
Encryption of Payloads and Function Call String Parameters
Obfuscation of Function Calls
Malware Stealth Strategies
Encoding of Payloads
Trojan Development Life Cycle
How Anti Virus works under the hood
Using Yara to study malware signatures
Anti Virus Evasion Techniques
Dynamic Runtime API Loading
and more

We will be using free tools in this course, including Oracle VirtualBox, Flare-VM and the Community Edition of Microsoft Visual Studio 2019 C++. We will also install Kali Linux in VirtualBox to learn how to use Metasploit to generate Windows shellcode. Everything is highly practical. No boring theory or lectures. More like walk-throughs which you can replicate and follow along.

By the end of this course, you will have the basic skills to better understand how Malware works from the programmer’s point of view. This knowledge and these skills are suitable for those aspiring to be Red Teamers.

Also, having practical knowledge of malware development will give you a better understanding of how to reverse engineer malware. For example, when reversing and analyzing a trojan, we usually put breakpoints on dangerous API function calls – but don’t know why we do it. Now, in this course, I will show you the reasons for it. By the end of this course, you will have gained a solid foundation for understanding why and how malware reverse engineering works.

Suitable for:

Reverse Engineering and Malware Analysis Students
Programmers who want to know how Malware is created
Students planning on entering Malware Analysis and Reverse Engineering, or Penetration Testing, as a Career Path
Penetration Testers and Ethical Hackers

Prerequisite:

Windows PC
Basic C Language
Basic Linux commands

Last Updated 8/2021

Files:

Malware Development and Reverse Engineering 1 The Basics [TutsNode.com] - Malware Development and Reverse Engineering 1 The Basics
05 Generating Shellcodes Using Metasploit in Kali Linux
  • 001 Generating Shellcodes Using Metasploit in Kali Linux.mp4 (184.4 MB)
  • 001 Generating Shellcodes Using Metasploit in Kali Linux.en.srt (19.3 KB)
  • 012 creating shellcode with metasploit notes.txt (0.3 KB)
  • 012 metasploit msfconsole commands.txt (2.5 KB)
  • 012 notepad_shellcode.zip (0.4 KB)
01 Introduction
  • 001 Introduction.en.srt (3.0 KB)
  • 001 Introduction.mp4 (69.2 MB)
19 Process Injection
  • 035 Process Injection.pdf (507.9 KB)
  • 003 Process Injection - Part 1 - Explanation of APIs.mp4 (161.7 MB)
  • 003 Process Injection - Part 1 - Explanation of APIs.en.srt (19.2 KB)
  • 004 Process Injection - Part 2 - Running and Testing with Process Hacker.en.srt (5.6 KB)
  • 001 Introduction to Process Injection.en.srt (4.3 KB)
  • 002 Creating MessageBox Shellcode Using Metasploit in Kali Linux.en.srt (3.9 KB)
  • 037 08-process injection.zip (2.3 KB)
  • 037 Process Injection Notes.txt (1.2 KB)
  • 004 Process Injection - Part 2 - Running and Testing with Process Hacker.mp4 (76.6 MB)
  • 002 Creating MessageBox Shellcode Using Metasploit in Kali Linux.mp4 (32.2 MB)
  • 001 Introduction to Process Injection.mp4 (13.3 MB)
  • 036 creating messageBox shellcode uwing metasploit.mp4 (12.1 MB)
22 DLL Injection
  • 045 10-DLL_injection_ver2.zip (116.8 KB)
  • 041 DLL Injection.pdf (716.5 KB)
  • 003 DLL Injection - Part 1 - Explanation of APIs, Building DLL and EXE files.en.srt (11.3 KB)
  • 001 Introduction to DLL Injection.en.srt (5.6 KB)
  • 004 DLL Injection - Part 2 - Running and Analyzing with Process Hacker.en.srt (5.3 KB)
  • 005 DLL Injector - version 2 - autodetecting DLL.en.srt (5.0 KB)
  • 002 Creating 64-bit MSPaint Shellcode with Metasploit.en.srt (4.8 KB)
  • 043 09-DLL_injection.zip (3.2 KB)
  • 042 shellcode_runner.zip (1.8 KB)
  • 041 DLL Injection Notes.txt (1.6 KB)
  • 045 DLL Injection ver2 Notes.txt (0.1 KB)
  • 003 DLL Injection - Part 1 - Explanation of APIs, Building DLL and EXE files.mp4 (109.4 MB)
  • 004 DLL Injection - Part 2 - Running and Analyzing with Process Hacker.mp4 (70.9 MB)
  • 002 Creating 64-bit MSPaint Shellcode with Metasploit.mp4 (54.8 MB)
  • 005 DLL Injector - version 2 - autodetecting DLL.mp4 (42.8 MB)
  • 001 Introduction to DLL Injection.mp4 (24.1 MB)
27 Anti Virus Evasion
  • 054 yara options.JPG (20.7 KB)
  • 003 Evading Anti Virus Using Function Obfuscation and Parameter String Encryption.mp4 (182.9 MB)
  • 003 Evading Anti Virus Using Function Obfuscation and Parameter String Encryption.en.srt (19.3 KB)
  • 055 13-av-evasion.zip (50.6 KB)
  • 054 reversing_lab_project.zip (49.1 KB)
  • 002 Installing Yara.en.srt (9.7 KB)
  • 001 Introduction to Anti Virus Evasion.en.srt (5.1 KB)
  • 055 av evasion notes.txt (0.4 KB)
  • 054 installing yara notes.txt (0.2 KB)
  • 053 Intro to Anti-virus Evasion.pdf (480.2 KB)
  • 002 Installing Yara.mp4 (103.8 MB)
  • 001 Introduction to Anti Virus Evasion.mp4 (16.8 MB)
15 Obfuscating Functions Using GetProcAddress and XOR Encryption
  • 002 Function Obfuscation Using GetProcAddress and XOR Encryption.en.srt (13.8 KB)
  • 001 Intro to Function Obfuscation Using GetProcAddress API.en.srt (11.1 KB)
  • 025 obfuscating functions notes.txt (0.8 KB)
  • 025 06-function_obfuscation.zip (3.9 KB)
  • 002 Function Obfuscation Using GetProcAddress and XOR Encryption.mp4 (110.1 MB)
  • 001 Intro to Function Obfuscation Using GetProcAddress API.mp4 (107.4 MB)
06 Embedding Shellcode Payload in .RSRC Section and Analyzing with xdbg
  • 013 embedding shellcode in resources notes.txt (0.4 KB)
  • 001 Intro to Embedding Shellcode in .RSRC Section.en.srt (15.8 KB)
  • 002 Embedding Shellcode Payload in .RSRC Section and Analyzing with xdbg.en.srt (11.3 KB)
  • 013 02-embeddingPayload.zip (4.8 KB)
  • 002 Embedding Shellcode Payload in .RSRC Section and Analyzing with xdbg.mp4 (115.6 MB)
  • 001 Intro to Embedding Shellcode in .RSRC Section.mp4 (94.6 MB)
02 Installing The Tools
  • 004 flarevm.txt (0.1 KB)
  • 002 windows 7 download links - v3.txt (0.4 KB)
  • 006 installing kali linux.txt (0.4 KB)
  • 002 Lab Setup-v3.pdf (56.7 KB)
  • 002 Configuring the Virtual Machine.en.srt (13.5 KB)
  • 001 Installing the Virtual Machine.en.srt (9.7 KB)
  • 005 Installing Kali Linux (for generating shellcode using Metasploit).en.srt (7.3 KB)
  • 003 Installing Flare-VM.en.srt (4.4 KB)
  • 004 Installing Microsoft Visual Studio 2019 Community (C++).en.srt (3.8 KB)
  • 006 Creating Shared Folders on Kali.en.srt (3.2 KB)
  • 005 installing microsoft visual studio 2019 notes.txt (0.2 KB)
  • 002 Configuring the Virtual Machine.mp4 (152.3 MB)
  • 005 Installing Kali Linux (for generating shellcode using Metasploit).mp4 (90.2 MB)
  • 003 Installing Flare-VM.mp4 (59.7 MB)
  • 006 Creating Shared Folders on Kali.mp4 (35.2 MB)
  • 004 Installing Microsoft Visual Studio 2019 Community (C++).mp4 (25.5 MB)
  • 001 Installing the Virtual Machine.mp4 (20.9 MB)
24 Creating a Stealth Trojan
  • 048 11-stealth-trojan.zip (115.8 KB)
  • 001 Creating a Stealth Trojan.en.srt (4.2 KB)
  • 048 stealth trojan notes.txt (0.1 KB)
  • 001 Creating a Stealth Trojan.mp4 (39.1 MB)
23 Detecting and Reverse Engineering DLL Injection
  • 046 reversing_DLL_injection.zip (111.3 KB)
  • 001 Detect DLL Injection and Dump DLL Shellcode.en.srt (12.5 KB)
  • 002 Testing DLL Shellcode Using ShellcodeRunner.en.srt (2.5 KB)
  • 047 shellcode_runner.zip (1.8 KB)
  • 046 Reversing DLL Injection Notes.txt (1.5 KB)
  • 001 Detect DLL Injection and Dump DLL Shellcode.mp4 (159.1 MB)
  • 002 Testing DLL Shellcode Using ShellcodeRunner.mp4 (28.6 MB)
13 Reverse Engineering AES Encryption Using CryptDecrypt
  • 023 reversing_aes.zip (69.3 KB)
  • 001 Reverse Engineering AES Encryption Using CryptDecrypt API.en.srt (10.3 KB)
  • 023 reversing aes encryption notes.txt (0.8 KB)
  • 001 Reverse Engineering AES Encryption Using CryptDecrypt API.mp4 (119.3 MB)
04 Embedding Shellcode Payloads in EXE files
  • 009 notes for embedding shellcode payload in text section.txt (0.4 KB)
  • 009 02-embeddingPayload.zip (1.3 KB)
  • 011 02-embeddingPayload.zip (2.6 KB)
  • 001 1-intro to embedding shellcode payload.en.srt (14.9 KB)
  • 002 Embedding Shellcode Payload in .TEXT Section.en.srt (13.0 KB)
  • 003 Embedding Shellcode Payload in .DATA Section.en.srt (12.6 KB)
  • 002 Embedding Shellcode Payload in .TEXT Section.mp4 (110.3 MB)
  • 003 Embedding Shellcode Payload in .DATA Section.mp4 (110.2 MB)
  • 001 1-intro to embedding shellcode payload.mp4 (97.6 MB)
09 Reverse Engineering Base64 Encoded Payloads
  • 017 reversing_base64.zip (68.8 KB)
  • 017 reversing base64 notes.txt (0.8 KB)
  • 001 Reverse Engineering Base64 Encoded Payloads.en.srt (9.9 KB)
  • 001 Reverse Engineering Base64 Encoded Payloads.mp4 (116.4 MB)
08 Base64 Encoding of Shellcode Payload
  • 016 Base64 Encoding Notes.txt (0.1 KB)
  • 001 Intro to Base64 Encoding of Shellcode Payload.en.srt (13.6 KB)
  • 016 03-base64_encoding_payload.zip (2.7 KB)
  • 016 Encoding or Encrypting Payloads.pdf (468.8 KB)
  • 001 Intro to Base64 Encoding of Shellcode Payload.mp4 (110.0 MB)
16 Reverse Engineering Function Obfuscation
  • 027 reversing_function_obfuscation.zip (68.3 KB)
  • 001 Reverse Engineering Function Obfuscation.en.srt (5.4 KB)
  • 027 obfuscating functions notes.txt (0.8 KB)
  • 001 Reverse Engineering Function Obfuscation.mp4 (53.9 MB)
20 Detecting Process Injection and Reverse Engineering it
  • 039 reversing_process_injection.zip (66.5 KB)
  • 001 Detecting Process Injection and Reverse Engineering it.en.srt (11.2 KB)
  • 039 Reversing Process Injection Notes.txt (1.4 KB)
  • 001 Detecting Process Injection and Reverse Engineering it.mp4 (131.5 MB)
17 Trojan Engineering Using Code Caves
  • 030 07-trojan-creation.zip (51.3 KB)
  • 028 Creating Trojans.pdf (705.4 KB)
  • 001 Introduction to Trojan Engineering.en.srt (15.1 KB)
  • 004 Trojanizing Crackme1 - Part 1.en.srt (12.3 KB)
  • 002 Using Metasploit to Create MsPaint Shellcode.en.srt (7.7 KB)
  • 005 Trojanizing Crackme1 - Part 2.en.srt (7.6 KB)
  • 003 Testing MsPaint Shellcode with ShellcodeRunner.en.srt (5.0 KB)
  • 004 Trojanizing Crackme1 - Part 1.mp4 (134.7 MB)
  • 001 Introduction to Trojan Engineering.mp4 (81.1 MB)
  • 002 Using Metasploit to Create MsPaint Shellcode.mp4 (77.5 MB)
  • 005 Trojanizing Crackme1 - Part 2.mp4 (74.5 MB)
  • 003 Testing MsPaint Shellcode with ShellcodeRunner.mp4 (42.6 MB)
18 Reverse Engineering Code Cave Trojans
  • 033 reversing_codecave_trojan.zip (49.1 KB)
  • 001 Reverse Engineering Code Cave Trojans.en.srt (7.2 KB)
  • 002 Testing 32-bit Shellcode with ShellcodeRunner32.en.srt (5.3 KB)
  • 033 reversing code cave trojan notes.txt (0.2 KB)
  • 034 shellcode_runner32.zip (1.7 KB)
  • 001 Reverse Engineering Code Cave Trojans.mp4 (70.1 MB)
  • 002 Testing 32-bit Shellcode with ShellcodeRunner32.mp4 (39.3 MB)
26 Reverse Engineering the Lab Project Trojan
  • 051 reversing_lab_project.zip (49.1 KB)
  • 001 Detecting Process Injection and Dumping Explorer Memory.en.srt (6.1 KB)
  • 002 Testing the dumped shellcode using ShellcodeRunnerInjected.en.srt (4.2 KB)
  • 052 shellcode_runner_injected.zip (2.3 KB)
  • 051 Reversing Lab Project Notes.txt (1.1 KB)
  • 001 Detecting Process Injection and Dumping Explorer Memory.mp4 (81.8 MB)
  • 002 Testing the dumped shellcode using ShellcodeRunnerInjected.mp4 (50.1 MB)
03 Building EXE and DLL and Examining PE Structure
  • 001 Building EXE and DLL and Examining PE Structure.en.srt (19.2 KB)
  • 008 01-buildingEXEandDLL.zip (1.6 KB)
  • 001 Building EXE and DLL and Examining PE Structure.mp4 (134.4 MB)
10 XOR Encryption of Payload
  • 001 Intro To XOR Encryption.en.srt (17.5 KB)
  • 018 04-XOR_encrypting_payload.zip (2.7 KB)
  • 018 xor encryption notes.txt (0.2 KB)
  • 002 Analyzing XOR encryption payload with xdbg.en.srt (3.8 KB)
  • 001 Intro To XOR Encryption.mp4 (131.6 MB)
  • 002 Analyzing XOR encryption payload with xdbg.mp4 (47.3 MB)
28 Bonus Lecture
  • 056 useful-resources-for-further-study-2021.pdf (668.7 KB)
  • 001 Bonus Lecture.en.srt (1.8 KB)
  • 001 Bonus Lecture.mp4 (10.6 MB)
12 AES Encryption of Payload
  • 001 Intro to AES Encryption.en.srt (12.1 KB)
  • 021 05-AES_encrypting_payload.zip (2.4 KB)
  • 021 aes encryption notes.txt (1.0 KB)
  • 002 AES Encrypting the Payload.en.srt (6.2 KB)
  • 001 Intro to AES Encryption.mp4 (90.1 MB)
  • 002 AES Encrypting the Payload.mp4 (68.2 MB)
25 Lab Project _ Creating a Trojan with Encrypted Payload and Injection Capability
  • 002 Lab Project _ Creating a Trojan with Encrypted Payload and Injection Capability.en.srt (8.8 KB)
  • 050 12-lab-project-v3.zip (3.4 KB)
  • 001 Introduction to Lab Project.en.srt (1.2 KB)
  • 049 Intro to Lab Project.pdf (406.1 KB)
  • 002 Lab Project _ Creating a Trojan with Encrypted Payload and Injection Capability.mp4 (96.3 MB)
  • 001 Introduction to Lab Project.mp4 (5.0 MB)
07 Testing Unpacked Dumped Shellcode Payload Using Hexeditor and a C Program
  • 001 Testing Unpacked Dumped Shellcode Payload Using Hexeditor and a C Program.en.srt (8.6 KB)
  • 001 Testing Unpacked Dumped Shellcode Payload Using Hexeditor and a C Program.mp4 (93.7 MB)
14 Testing Shellcode Using Shellcode Runner
  • 024 shellcode_runner.zip (1.8 KB)
  • 001 Testing Shellcode Using Shellcode Runner.en.srt (5.5 KB)
  • 001 Testing Shellcode Using Shellcode Runner.mp4 (47.6 MB)
11 Reverse Engineering XOR Encryption
  • 001 Reverse Engineering XOR Encryption.en.srt (5.7 KB)
  • 001 Reverse Engineering XOR Encryption.mp4 (73.2 MB)
21 Testing Process Injection Shellcode with ShellcodeRunnerInjected
  • 001 Testing Process Injection Shellcode with ShellcodeRunnerInjected.en.srt (5.2 KB)
  • 040 shellcode_runner_injected.zip (2.3 KB)
  • 001 Testing Process Injection Shellcode with ShellcodeRunnerInjected.mp4 (55.4 MB)
  • TutsNode.com.txt (0.1 KB)
  • [TGx]Downloaded from torrentgalaxy.to .txt (0.6 KB)
