Reenzo Black

Are you a pen tester with some experience with the Metasploit or Empire frameworks? Or maybe you are taking your first steps as an ethical hacker and want to know more about how all these offensive tools work? Or are you a blue teamer or threat hunter who needs to better understand the internal workings of malware?

This course will provide you with the answers you're looking for. It will teach you how to develop your own custom malware for the latest Microsoft Windows 10. By custom malware we mean building a dropper for any payload you want (Metasploit meterpreter, Empire or Cobalt Strike beacons, etc.), injecting your shellcode into remote processes, creating trojan horses (backdooring existing software) and bypassing Windows Defender AV.

You will receive a virtual machine with a complete environment for developing and testing your software, and a set of source code templates that will allow you to focus on understanding the essential mechanisms instead of less important technical aspects of implementation.

What's inside

Learning objectives

  • What malware development in Windows is
  • What the PE file structure is
  • Where to store your payload inside a PE file
  • How to encode and encrypt payloads
  • How and why to obfuscate function calls
  • How to backdoor programs
  • How to inject your code into remote processes

Syllabus

Introduction
Data section as a container
Development VM Setup
Portable Executable
PE files - format and structure
PE Bear - looking inside
Generating EXE vs DLL
PE compilation
Droppers
Where to store payloads?
Storing payloads in code section
Payloads in resource section
Obfuscation and Hiding
Encoding and Encryption

HINT:

During code development you might encounter issues with string encryption/encoding. To troubleshoot these problems, check how the strings are constructed (i.e. how their length is calculated or how a comparison is performed). This should lead you to a solution.

Encrypting payloads - XOR
Encrypting payloads - AES
Antivirus vs call obfuscation
Implementing function call obfuscation
Backdoors and Trojans
Backdooring PE theory
Making Putty a trojan
Code Injection
What is code injection?
Injecting code into remote process
Implementing code injection
Loading DLLs into remote process
DLL generator and injector
Making program invisible
Summary
Course closing information

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Ethical Hacking Foundations: Malware Development in Windows with these activities:
Review Windows System Calls
Reviewing Windows system calls will provide a solid foundation for understanding how malware interacts with the operating system, which is crucial for development and analysis.
  • Identify key Windows API functions used in malware development.
  • Research the purpose and usage of each function.
  • Practice using these functions in simple C/C++ programs.
Read 'Practical Malware Analysis'
Reading 'Practical Malware Analysis' will provide a strong foundation in malware analysis techniques, complementing the malware development skills learned in the course.
  • Read the chapters on static and dynamic analysis.
  • Practice analyzing sample malware using the techniques described.
  • Relate the analysis techniques to malware development strategies.
Read 'Windows Internals, 7th Edition'
Reading 'Windows Internals' will provide a comprehensive understanding of the Windows OS, essential for advanced malware development and reverse engineering.
  • Read the chapters related to process management and memory management.
  • Take notes on key concepts and system structures.
  • Relate the concepts to malware development techniques.
Write a Blog Post on PE File Structure
Writing a blog post on PE file structure will reinforce understanding of the topic and help communicate the knowledge to others.
  • Research the PE file format in detail.
  • Create diagrams to illustrate the structure.
  • Write a clear and concise explanation of each section.
  • Publish the blog post online.
Develop a Simple Keylogger
Developing a keylogger will provide hands-on experience with Windows API calls, code injection, and data persistence, all of which are core concepts in malware development.
  • Research Windows API functions for keyboard input.
  • Implement a function to capture keystrokes.
  • Store the captured keystrokes to a file.
  • Make the keylogger run in the background.
Practice Shellcode Encoding/Decoding
Practicing shellcode encoding and decoding techniques will improve the ability to obfuscate and protect payloads from detection.
  • Learn different encoding schemes (XOR, Base64, etc.).
  • Write scripts to encode and decode shellcode.
  • Test the scripts with various payloads.
Create a Custom Payload Dropper
Creating a custom payload dropper will solidify understanding of PE file manipulation, payload injection, and anti-analysis techniques.
  • Design the dropper architecture.
  • Implement the payload injection mechanism.
  • Implement anti-analysis techniques (e.g., anti-VM, anti-debugging).
  • Test the dropper against various antivirus solutions.

Reading list

We've selected two books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Ethical Hacking Foundations: Malware Development in Windows.
Provides a comprehensive guide to malware analysis techniques. It covers static and dynamic analysis methods, as well as reverse engineering. It is a valuable resource for understanding how malware works and how to defend against it. It is commonly used as a textbook in cybersecurity courses.

© 2016 - 2025 OpenCourser