The Malware Mega Thread.
#61
I recently found out about https://www.hoppersroppers.org/rootkit.html , this is a website where multiple courses regarding low-level security in general are provided for free. The one I linked looked most promising to me, this is the description:
Quote: Fundamentals of Linux Implant Development
Learn C and Malware Analysis By Writing a Clone of Turla's Linux Backdoor

Clone a 20 year old rootkit to gain an in-depth understanding of Linux internals along with the basics of malware functionality, detection, counter-measures, and reverse-engineering.
I only skimmed through some parts so far but it looks interesting to me, maybe someone else will find a useful course on this website.
#62
(02-27-2021, 11:07 AM)chios Wrote: I recently found out about https://www.hoppersroppers.org/rootkit.html , this is a website where multiple courses regarding low-level security in general are provided for free. The one I linked looked most promising to me, this is the description:
Quote: Fundamentals of Linux Implant Development
Learn C and Malware Analysis By Writing a Clone of Turla's Linux Backdoor

Clone a 20 year old rootkit to gain an in-depth understanding of Linux internals along with the basics of malware functionality, detection, counter-measures, and reverse-engineering.
I only skimmed through some parts so far but it looks interesting to me, maybe someone else will find a useful course on this website.

Thank you for your contribution, I'll definitely be checking it out. In fact I might distill the essence of what they're talking about into a single article/thread if it seems worthwhile after giving it a read. Added benefit is then that I can convert the thread to PDF format to mirror the resource at our GitHub organization.
#63
Anyone have any resources concerning drive-by downloads? I am trying to collect as many as I can to mirror over at our GitHub organization.
#64
(12-27-2017, 11:23 PM)Insider Wrote: Great thread Vector! Nice initiative. Malware analysis / RE is some deep-water stuff. Well at least for reverse engineering I'd say so. Probably helps to have a deep understanding of the compiler, assembler etc. So don't think I would blame any newbies for being a bit insecure, leaving no replies on your thread :p But rest assured, your efforts and contributions are appreciated regardless by me and by everyone else! For sure.

In addition to the resources you added to the thread. Here's some of my "information dumps".

Book: Malware Analysis For Beginners (Part 1)
This is a very beginner friendly book for malware analysis. I would recommend it for anyone who's completely new to the concept, let alone the concept of virtual machines.
Download: https://dl.packetstormsecurity.net/paper...Part_I.pdf

Book: Crypters & Binders Handbook.
Friend of a friend made this book on some of our parent forums in the past. Not sure why she took it down from her github. But my opinion is that information should be free. Luckily I have a copy of this ebook. I really recommend it if you need a better understanding on how basic crypters & binders work. And hopefully you should be able to write your own some day and stop relying on others. Download below.
Download: https://nofile.io/f/Kc43X824NNW/crypters.pdf

Some of my own threads:
Reverse Engineering Complete, free Book: https://greysec.net/showthread.php?tid=37
Reverse Engineering 101 + 102: https://greysec.net/showthread.php?tid=2487

Tools:
Malware Analysis Tools Pack "MAP": https://github.com/dzzie/MAP

The Book: Crypters & Binders Handbook link is dead, do you have the file? If yes, please share it.
#65
(03-07-2021, 07:48 AM)arvi Wrote:
(12-27-2017, 11:23 PM)Insider Wrote: Great thread Vector! Nice initiative. Malware analysis / RE is some deep-water stuff. Well at least for reverse engineering I'd say so. Probably helps to have a deep understanding of the compiler, assembler etc. So don't think I would blame any newbies for being a bit insecure, leaving no replies on your thread :p But rest assured, your efforts and contributions are appreciated regardless by me and by everyone else! For sure.

In addition to the resources you added to the thread. Here's some of my "information dumps".

Book: Malware Analysis For Beginners (Part 1)
This is a very beginner friendly book for malware analysis. I would recommend it for anyone who's completely new to the concept, let alone the concept of virtual machines.
Download: https://dl.packetstormsecurity.net/paper...Part_I.pdf

Book: Crypters & Binders Handbook.
Friend of a friend made this book on some of our parent forums in the past. Not sure why she took it down from her github. But my opinion is that information should be free. Luckily I have a copy of this ebook. I really recommend it if you need a better understanding on how basic crypters & binders work. And hopefully you should be able to write your own some day and stop relying on others. Download below.
Download: https://nofile.io/f/Kc43X824NNW/crypters.pdf

Some of my own threads:
Reverse Engineering Complete, free Book: https://greysec.net/showthread.php?tid=37
Reverse Engineering 101 + 102: https://greysec.net/showthread.php?tid=2487

Tools:
Malware Analysis Tools Pack "MAP": https://github.com/dzzie/MAP

The Book: Crypters & Binders Handbook link is dead, do you have the file? If yes, please share it.

I have it mirrored as a GreySec thread here: https://greysec.net/showthread.php?tid=6814
But let me know if you prefer pdf-format and I may be able to dig it up.
#66
book: antivirus bypass techniques

packtpub original link and download page freeeducationweb.com antivirus-bypass-techniques
#67
(08-11-2021, 11:26 AM)thunder011 Wrote: book: antivirus bypass techniques

packtpub original link and download page freeeducationweb.com antivirus-bypass-techniques

Rather than dealing with that less-than-trustworthy site you mentioned above, I'd grab the eBook directly from Library Genesis:

Antivirus Bypass Techniques by Nir Yehoshua
#68
(08-11-2021, 10:33 PM)hworth Wrote:
(08-11-2021, 11:26 AM)thunder011 Wrote: book: antivirus bypass techniques

packtpub original link and download page freeeducationweb.com antivirus-bypass-techniques

Rather than dealing with that less-than-trustworthy site you mentioned above, I'd grab the eBook directly from Library Genesis:

Antivirus Bypass Techniques by Nir Yehoshua

Long time no see :) Wb.

But on topic, looks like an interesting book. Thanks for the share! I'll check it out.
#69
Thanks buddy, good to see you too :-) Just caught up with Cypher last night + earlier this evening as well! I obtained my Security+ a few weeks ago and now studying for the Network+ in about a week and a half... planning on sticking around for real this time.

Anyways, yes, super interesting looking read. Downloaded it but haven't cracked the cover open yet, let me know your thoughts
#70
(08-11-2021, 10:33 PM)hworth Wrote: Rather than dealing with that less-than-trustworthy site you mentioned above, I'd grab the eBook directly from Library Genesis:

Antivirus Bypass Techniques by Nir Yehoshua

I didn't know the book was available on libgen. The reason behind posting the web-page link instead of the direct zippyshare and megalink available on freeedu was that if for some reason those links become unavailable, then maybe the site admin may replace them with alternative links.