(09-04-2021, 12:26 PM)TheCodeGirl Wrote: (1) What are some list of topics that I need to learn thoroughly?
From what I can see, you already know some of the fundamentals of writing good low-level malware (ANSI C, Assembly and CS). But in my experience from talking to other people, it would be a good idea to learn some of this stuff: https://greysec.net/showthread.php?tid=6825
If you can write low-level stuff you can more easily try to exploit the system (for example privilege escalation).
But it's by no means necessary to know. You can still write more easy/simple projects by just knowing like Python or other languages without any low-level knowledge. For example keyloggers, droppers, clipboard jackers, crypters etc.
One thing I would recommend learning about though is how crypters/binders work, how to bypass antivirus mechanics & PE-injection/PE-format. This will really help you to make more stealthy malware that can be undetectable by antivirus. I will drop some links here to some good resources:
- https://greysec.net/showthread.php?tid=6981
- https://greysec.net/showthread.php?tid=6814
- https://greysec.net/showthread.php?tid=6805
- https://greysec.net/showthread.php?tid=3244
- https://greysec.net/showthread.php?tid=6806
- Malware development part 1: https://0xpat.github.io/Malware_development_part_1/
- Malware development part 2: https://0xpat.github.io/Malware_development_part_2/
- Malware development part 3: https://0xpat.github.io/Malware_development_part_3/
Also for learning about botnets I would probably recommend learning about topics such as networking. More specifically maybe topics like p2p/torrent-traffic or fastflux DNS.
I don't have a lot of experience writing malware though. I just do my own hobby projects myself sometimes to challenge myself into bypassing AV. But I think you should maybe hit up Vector on here for more good advice (our supermoderator & GS Devs leader). He has more knowledge about this stuff.
(09-04-2021, 12:26 PM)TheCodeGirl Wrote: (3) Is there any legal job that deals with writing malwares (NOT MALWARE ANALYSIS) or is it an illegal profession?
That depends a lot on where you live. Your country and laws etc. But in my experience, looking around for jobs like this myself sometimes, it seems like the best path to legal malware development would be through the government. A lot of governments have different agencies involved with writing malware. For example signals intelligence, law enforcement or military. You can look through those places to see if they have any cyber/IT departments. But other than that, I think in some countries you can work for private companies who do these things too, usually contracted by governments to develop it.
Another path could be red-team, like penetration testers. This isn't purely malware development. But you can write your own malware to use during engagements to inject your target during a penetration test.
(09-04-2021, 12:26 PM)TheCodeGirl Wrote: (4) How can I hone my skills in malware development? And how much time do I need to devote to learning it?
In my opinion, one of the best things to learn any code-related stuff is to get your hands dirty. Try to write your own malware for yourself. And just try it out. Get a virtual machine, infect yourself. Scan it with different antivirus engines to see how it performs etc.
(09-04-2021, 12:26 PM)TheCodeGirl Wrote: Also, how do you make money selling malwares and how do you distribute it?
This is probably harder to do legally. Illegally though, if you have knowledge and rep you can sell these in marketplaces in different blackhat forums. Or you can try to get yourself involved in different criminal groups and write malware for them. Like ransomware gangs. Not that I'd condone this stuff.
But more legally. Maybe like I mentioned before, see if there are any private companies involved with this. In some countries there are private companies involved in being contracted by different actors to write malware. More practical examples would maybe be like Hacking Team or the IT-security sector in Israel.