Yesterday, 03:12 PM
Maldev Academy Modules - Introduction To Malware Development
Download size: 154mb
*Readable HTML content and source code (English only):
1.Welcome Module_files
2.Introduction To Malware Development_files
3.Required Tools_files
4.Coding Basics_files
5.Windows Architecture_files
6.Windows Memory Management_files
7.Introduction To The Windows API_files
8.Portable Executable Format_files
9.Dynamic-Link Library_files
10.Detection Mechanisms_files
11.Windows Processes_files
12.Undocumented Structures_files
13.Payload Placement - .data & .rdata Sections_files
14.Payload Placement - .text Section_files
15.Payload Placement - .rsrc Section_files
16.Introduction To Payload Encryption_files
17.Payload Encryption - XOR_files
18.Payload Encryption - RC4_files
19.Payload Encryption - AES Encryption_files
20.Evading Microsoft Defender Static Analysis_files
21.Payload Obfuscation - IPv4_IPv6Fuscation_files
22.Payload Obfuscation - MACFucscation_files
23.Payload Obfuscation - UUIDFuscation_files
24.Maldev Academy Tool - HellShell_files
25.Maldev Academy Tool - MiniShell_files
26.Local Payload Execution - DLL_files
27.Local Payload Execution - Shellcode_files
28.Process Injection - DLL Injection_files
29.Process Injection - Shellcode Injection_files
30.Payload Staging - Web Server_files
31.Payload Staging - Windows Registry_files
32.Malware Binary Signing_files
33.Process Enumeration - EnumProcesses_files
34.Process Enumeration - NtQuerySystemInformation_files
35.Thread Hijacking - Local Thread Creation_files
36.Thread Hijacking - Remote Thread Creation_files
37.Thread Hijacking - Local Thread Enumeration_files
38.Thread Hijacking - Remote Thread Enumeration_files
39.APC Injection_files
40.Early Bird APC Injection_files
41.Callback Code Execution_files
42.Local Mapping Injection_files
43.Remote Mapping Injection_files
44.Local Function Stomping Injection_files
45.Remote Function Stomping Injection_files
46.Payload Execution Control_files
47.Spoofing PPID_files
48.Process Argument Spoofing (1)_files
49.Process Argument Spoofing (2)_files
50.Parsing PE Headers_files
51.String Hashing_files
52.IAT Hiding & Obfuscation - Introduction_files
53.IAT Hiding & Obfuscation - Custom GetProcAddress_files
54.IAT Hiding & Obfuscation - Custom GetModuleHandle_files
55.IAT Hiding & Obfuscation - API Hashing_files
56.IAT Hiding & Obfuscation - Custom Pseudo Handles_files
57.IAT Hiding & Obfuscation - Compile Time API Hashing_files
58.API Hooking - Introduction_files
59.API Hooking - Detours Library_files
60.API Hooking - Minhook Library_files
61.API Hooking - Custom Code_files
62.API Hooking - Using Windows APIs_files
63.Syscalls - Introduction_files
64.Syscalls - Userland Hooking_files
65.Syscalls - SysWhispers_files
66.Syscalls - Hell's Gate_files
67.Syscalls - Reimplementing Classic Injection_files
68.Syscalls - Reimplementing Mapping Injection_files
69.Syscalls - Reimplementing APC Injection_files
70.Anti-Analysis - Introduction_files
71.Anti-Debugging - Multiple Techniques_files
72.Anti-Debugging - Self-Deletion_files
73.Anti-Virtual Environments - Multiple Techniques_files
74.Anti-Virtual Environments - Multiple Delay Execution Techniques_files
75.Anti-Virtual Environments - API Hammering_files
76.Binary Entropy Reduction_files
77.Brute Force Decryption_files
78.MalDev Academy Tool - KeyGuard_files
79.CRT Library Removal & Malware Compiling_files
80.IAT Camouflage_files
81.Bypassing AVs_files
82.Introduction To EDRs_files
83.NTDLL Unhooking - Introduction_files
84.NTDLL Unhooking - From Disk_files
85.NTDLL Unhooking - From KnownDlls Directory_files
86.NTDLL Unhooking - From a Suspended Process_files
87.NTDLL Unhooking - From a Web Server_files
88.Updating Hell's Gate_files
89.Indirect Syscalls - HellsHall_files
90.Block DLL Policy_files
91.Diving Into NtCreateUserProcess_files
Maldev Modules Updates
MalDev.pdf
Module 1 - FileAttributesDemo.zip
Module 2 - NtQueryThreads.zip
Module 3 - WinAPIsRep.zip
Module 5 - IntroToAssembly.zip
Module 7 - Bring-Your-Own-Protocol-Handler.zip
Module 8 - Bring-Your-Own-File-Extension.zip
Module 9 - HardwareBPsHook.zip
Module 10 - HardwareBPHookingLib.zip
Module 11 - HBP_RdpThief.zip
Module 13 - QueryEtwSessions-DotNetEtwConsumer.zip
Module 14 - EtwPatching.zip
Module 15 - BetterEtwPatching.zip
Module 16 - EtwBypassViaHBP.zip
Module 17 - EtwSessionHijacking.zip
Module 19 - AmsiPatching.zip
Module 20 - AmsiBypassViaHBP.zip
Module 21 - DRM.zip
Module 23 - DllPayloadLoader.zip
Module 24 - DLLSideloading1.zip
Module 25 - DLLSideloading2.zip
Module 26 - DLLSideloading3.zip
Module 27 - BYOVD.zip
Module 28 - LocalPeExec.zip
Module 29 - ReflectiveDllLdr.zip
Module 30 - PeFluctuation.zip
Module 31 - PePacker.zip
Module 33 - PayloadExecViaFibers.zip
Module 34 - TLSCallbacksForAD.zip
Module 35 - ThreadlessInjection.zip
Module 36 - ModuleStomping.zip
Module 37 - ModuleOverloading.zip
Module 38 - ProcessHollowing.zip
Public source code
TrapFlagForSyscalling-main.zip
Alphabetfuscation-main.zip
AlphabeticalPolyShellGen-main.zip
Christmas-main.zip
CodeSearchDemo-main.zip
DRMBinViaOrdinalImports-main.zip
DumpChromeSecrets-main.zip
ElectronVulnScanner-main.zip
EmbedPayloadInPng-main.zip
ExecutePeFromPngViaLNK-main.zip
GitHubDeviceCodePhishing-main.zip
HellHall-main.zip
HookingLsassForCredentials-main.zip
LsassHijackingViaReg-main.zip
MaldevAcademyLdr.1-main.zip
MaldevAcademyLdr.2-main.zip
RemoteTLSCallbackInjection-main.zip