Syllabus

  1. Update 1

    Latest

    For premium & lifetime users

    Exploiting EDR for evasion | Thread enumeration via syscall | Custom WinAPI functions | Introduction to MASM assembly
    Binary metadata modification | More C fundamentals
  2. MalDev Academy Launch

    The main course syllabus is shown below

    Introduction to the Windows OS | WinAPIs & PE File Format (x7) | AV Detection mechanisms | Brute forcing key decryption
    Payload placement (x3) | Payload encryption (x3) | Payload obfuscation (x4) | Custom-built tools demonstration
    Local payload execution | Remote payload execution | Payload staging | Utilizing NtCreateUserProcess
    Malware binary signing | Process enumeration (x2) | Thread hijacking (x4) | Block DLL policy
    Local APC injection | Remote APC injection | Payload execution via callbacks | Indirect syscalls
    Local mapping injection | Remote mapping injection | Local function stomping | Introduction to EDRs
    Remote function stomping | Controlling payload execution | PPID spoofing | Hell's Gate Update
    Command line argument spoofing (x2) | Remote payload execution | Payload staging | Hell's Gate
    Parsing PE headers | String hashing & obfuscation | IAT obfuscation (x4) | NTDLL unhooking (x5)
    API hooking (x5) | Syscalls (x4) | Reimplementing injection via syscalls (x3) | Building a loader
    Anti-debugging methods (x2) | Anti-virtualization methods (x3) | File entropy reduction | CRT library removal
    Malware compiling