Malware Development for Ethical Hackers (Windows, Linux, Android)
The course teaches how malware is developed, covering both classic tricks and the techniques of modern ransomware found in the wild. Everything is supported by real examples.
The course is intended for Red Team specialists who want to learn the tricks of malware development (including persistence and AV bypass) in more detail, and it will also be useful to Blue Team specialists conducting investigations and analyzing malware.
The course is divided into four logical sections:
- Malware development tricks and techniques (classic injection tricks, DLL injection tricks, shellcode running)
- AV evasion tricks (Anti-VM, Anti-Sandbox, Anti-disassembling)
- Persistence techniques
- Cryptographic functions in malware development (exclusive)
- Malware Development for Android and Linux (bonus)
Most of the examples in this course require a solid understanding of the Python, Kotlin and C/C++ programming languages.
Knowledge of assembly language basics is not required but will be an advantage.
Training Outline (detailed):
MALWARE INJECTION TECHNIQUES:
1. Traditional Injection Approaches: Code and DLL (2 practical examples, LAB + 1 homework) - 10 min
2. Exploring Hijacking Techniques (2 practical examples, LAB + 1 homework) - 10 min
3. Understanding Asynchronous Procedure Call (APC) Injections (2 practical examples, LAB + 1 homework) - 10 min
4. Mastering New Injection/Hooking Techniques (4 practical examples, LAB) - 10 min
PERSISTENCE MECHANISMS:
5. Classic Path: Registry Run Keys / Persistence via Registry Keys (3 practical examples, LAB) - 10 min
6. Persistence via Winlogon Process (2 practical examples, LAB) - 10 min
7. Exploiting Windows Services for Persistence (2 practical examples, LAB + 1 homework) - 10 min
8. Exploring Non-Trivial Loopholes and New Persistence Techniques (5 practical examples, LAB + 2 homework) - 10 min
MALWARE FOR PRIVILEGE ESCALATION:
9. Manipulating Access Tokens like APT (1 practical example, LAB + 1 homework) - 10 min
10. Password stealing / LSASS.exe dumping (3 practical examples, LAB + 1 homework) - 10 min
11. Malware for bypassing User Access Control (2 practical examples, LAB + 1 homework) - 10 min
ANTI-VM AND AV BYPASSING:
12. Anti-Virtual Machine Strategies (4 practical examples, LAB + 1 homework) - 10 min
13. Practical use of hash algorithms in malware (1 practical example, LAB + 1 homework) - 10 min
14. Evading Static Detection (1 practical example, LAB + 1 homework) - 10 min
15. Evading Dynamic Detection (1 practical example, LAB + 1 homework) - 10 min
16. Advanced Evasion Techniques (1 practical example, LAB + 1 homework) - 10 min
17. Cryptography for bypassing security solutions (4 practical examples, LAB + 2 homework) - 10 min
LINUX AND ANDROID MALWARE:
18. Linux Kernel Hacking (1 practical example, LAB) - 10 min
19. Linux process injection (1 practical example, LAB) - 10 min
20. Introduction to Android Malware (3 practical examples, LAB) - 60 min
21. Leveraging legit APIs for Android Malware (2 practical examples, LAB) - 40 min
RESEARCH AND PRACTICE:
22. Simple Tricks and Automation for Malware Development and Emulation (3 practical examples, LAB + 1 homework) - 10 min
23. How to find New Persistence Techniques (2 practical examples, LAB + 1 homework) - 10 min
24. Elliptic Curve Cryptography (ECC) and Malware (1 practical example, LAB + 1 homework) - 10 min
Zhassulan Zhussupov
Malware Researcher, Threat Hunter, Malpedia
Istanbul, Turkey