Course Malware Development

Advanced Ransomware Development

What you'll learn

The student will have the knowledge to develop advanced malware

The complete course has 14 theoretical and practical modules, starting with the introduction to Ransomware through to the complete development of the malware.

The course teaches theoretically and practically the development and operation of a Ransowmare

With the knowledge from this course, a student will have knowledge about how the most famous software currently available works.

Requirements

You don't need knowledge, just a desire to learn.

Description

1.​ PRESENTATIONHere we will begin to teach the history of Ransomware, how itemerged, first reports, groups, victims and much more.2.​ Golang LogicFinishing the theoretical knowledge, we move on to practice, westart by learning the basics of the Golang language, variables,functions, modules, channel, etc3.​ File ManipulationNow that we know the basics of Golang, let's dive in and learnabout file manipulation, reading, writing, listing, permissions, etc.Since this is a Ransomware course, it's important to know aboutfiles, don't you agree?4.​ HashHere we will learn a little about Hash, md5, base64, sha256among others.5.​ Advanced encryptionIn this module, we will start to make the content more difficult, thestudent will learn in depth the basic and advanced knowledgeabout symmetric and asymmetric cryptography, many used infamous Ransomware, AES, RSA, CHACHA20.6.​ SandboxLet's learn a little about sandbox environments for evasionprocesses, creating several functions that we can detect if ourmalware is running in test environments.7.​ Running processesIn real ransomware, there is a list of running processes, this stepis important, the objective is to know which processes we must killfor the malware to run.8.​ InfosystemIn this module, we will talk about collecting information from our“Targets”, hostname, username, addresses, permission, OS.9.​ About LogsIn this module, we will learn about logs stored on our targets andhow we can “eliminate” them, an important process in the attackto erase traces.10.​ READMEHere we will learn how to create our famous warning banner, theone that all ransomware has: “All your files have been encrypted,do not attempt to recover them………”

Overview

Section 1: Presentations

Lecture 1 Presentation

Lecture 2 Access the complete material.

Lecture 3 Aboult Ransowmare

Section 2: FIle Manipulation

Lecture 4 ReadFile

Lecture 5 CreateFIle

Lecture 6 CreateFIle

Lecture 7 ListFile

Section 3: Abault Hash

Lecture 8 Base64

Lecture 9 MD5

Lecture 10 MD5

Lecture 11 SHA256

Section 4: Advanced Encryption

Lecture 12 AES - Create_Key

Lecture 13 AES - Encrypt File

Lecture 14 AES - Decrypt File

Lecture 0 CHACHA20

Lecture 15 CHACHA20

Lecture 16 RSA - Create Key

Lecture 17 RSA - Encrypt Key

Section 5: SandBox

Lecture 18 Sandbox

Lecture 19 Sandbox

Lecture 20 Sandbox

Lecture 21 Sandbox

Lecture 22 Sandbox

Lecture 23 Sandbox

Lecture 24 Sandbox

Section 6: Kill Process

Lecture 25 Kill Process

Lecture 26 Kill Process

Lecture 27 Kill Process

Lecture 28 Kill Process

Lecture 29 KIll Process

Section 7: Infosystem

Lecture 30 Infosys

Lecture 31 Infosys

Section 8: Aboult Logs

Lecture 32 Clear Logs

Section 9: Project: Ransowmare v1

Lecture 33 MapFile - 1

Lecture 34 MapFile - 2

Lecture 35 AES Encryption

Lecture 36 AES Encryption

Lecture 37 XOR

Lecture 38 AES Decryption

Lecture 39 CMD Encrypt

Lecture 40 CMD Decrypt

Lecture 41 First Ransomware Test

Lecture 42 Layout Keyboard

Lecture 43 RSA Encrypt

Lecture 44 RSA Encrypt

Lecture 45 RSA Decrypt

Lecture 46 Organizing Ransowmare

Section 10: Project: Ransomware v2

Lecture 47 Encrypt Process

Lecture 48 Encrypt Process

Lecture 49 Encrypt Process

Lecture 50 Decrypt Process

Lecture 51 CMD Encrypt

Lecture 52 CMD Decrypt

Lecture 53 Running Ransomware

Lecture 54 Acknowledgements

Malware Developers, Red Team, Pentesters, Reverse Engineers.