Malware On Steroids


Slots Available for this year:

2nd September 2024 - 5th September 2024 - 7 AM UK 4 days 6-7 hours per day (Interactive/Online) 2500 US$

What To Expect

The Malware On Steroids is the first course which is dedicated to building your own C2 Infrastructure and Payload. There are a lot of courses which focus on exploitation, reversing and other offensive stuff, but none of them focus on how you can build your own Command & Control Infra. This course focuses on a brief introduction towards Windows Internals followed by a full hands-on course on building a Command & Control architecture with different types of Initial Access payloads.

During the course, you will learn the core fundamentals of a Malware Lifecycle such as initial access, in-memory evasions, different types of payload injections including but not limited to reflective DLLs, shellcode injection, COFF injections and more. You will learn to build different types of remote access tools running over different protocols which we will later convert to in-memory modules that can be injected to any process. We will also write dropper and stagers in x64 Assembly, C and different LOLbins which will connect back to our CnC to extract the second stage and load it into memory for execution.

The below figure highlights a brief overview on the focus area of the training session.


Training Content

The total course duration are 4 days Online Interactive training sessions over Google Meet. Virtual environments such as Active Directory Lab/C2 access/Domain access will be provided where necessary. A detailed information on the training content can be found here.


Certification

Dark Vortex provides Certificate Of Completion for every completed course. This certificate may be verified by contacting paranoidninja@0xdarkvortex.dev using the enrolment ID from the given certificate.


Prerequisites

The course is highly practical in nature and involves a lot of programming in C/C++ and Python3, reverse engineering in windbg/x64dbg. Its important to have a good grasp of the below fundamentals before approaching the course.

  • Basic Understanding of operating system architecture
  • Fundamental knowledge of programming with C/C++/Python3
  • Familiarity with programming concepts (pointers, referenceses, addresses, data structures, threads, processes)
  • Strong will to learn and creative mindset.


System Requirements

During the course, we will be working with different virtual machines which will involve cloning, creating, and snapshots and several other hands-on exercises. A properly configured system is extremely important to fully utilize the benefits of the training session. We strongly request you to have fully configured system which meets the below requirements for the course. All the requirements mentioned below are either freely available or open source.

  • Windows 10 (Virtual Machine)
    • A laptop with atleast 16GB RAM to support 2 VMs running at the same time.
    • VMware/VirtualBox installed
    • Good Internet Connectivity
    • Visual Studio with C/C++/C# packages installed
    • Visual Code/Editor of your choice
    • x64dbg
    • CFF Explorer
    • Sysinternals Tookit
    • Process Hacker
    • MS Office (Trial version is enough)
  • Kali Linux/Ubuntu 20.04 (Virtual Machine)
    • VS Code
    • Mingw-w64
    • Python3
    • Nasm
    • Wireshark

NOTE: Make sure you have a snapshot of each virtual machine before you start the class, just in case you have to revert everything back to stock if your Virtual Machine crashes during the training.


Course Fees

Malware On Steroids | 4 days (Interactive/Online)

At the end of the course, you will receive a Completion of Certificate and all the training materials including course PDFs/slides, content materials, source code for payloads and a python3 C2 built during your training program.

$2500 USD

*Inclusive of taxes and certification


We conduct live training sessions which are conducted remotely and do not contain pre-recorded videos. For enquiries on training programs or other services, reach us at paranoidninja@0xdarkvortex.dev