- 36
- 70 528
AhmedS Kasmani
Приєднався 12 жов 2011
Welcome to the channel.
I love Information Technology and Cyber Security. The goal of this channel is to share the basics of Cyber Security, help you getting started and develop a career in Cyber Security.
On this channel I intend to share tutorials and help you getting started in Cyber Security.
I love Information Technology and Cyber Security. The goal of this channel is to share the basics of Cyber Security, help you getting started and develop a career in Cyber Security.
On this channel I intend to share tutorials and help you getting started in Cyber Security.
Malware 101: Hiding Shellcode in the Resource Section of PE File.
This is a continuation of the series where I will share the basics of Malware.
In this video we discuss how to hide shellcode in the resources section of a pe file and then execute it from there.
Offensive Development Course: ask-academy.live/courses/offensive-development-and-tradecraft/
Code: discord.gg/SpdTFCAAzG
Please provide feedback in the comments.
To continue the conversation hit me up on twitter:
🐦 Twitter - nu11charb
In this video we discuss how to hide shellcode in the resources section of a pe file and then execute it from there.
Offensive Development Course: ask-academy.live/courses/offensive-development-and-tradecraft/
Code: discord.gg/SpdTFCAAzG
Please provide feedback in the comments.
To continue the conversation hit me up on twitter:
🐦 Twitter - nu11charb
Переглядів: 472
Відео
Malware 101: Injection Basics - Remote Shellcode Injection
Переглядів 9393 місяці тому
This is a continuation of the series where I will share the basics of Malware. In this video we discuss one of the many ways for a process to inject shellcode into another process. Offensive Development Course: ask-academy.live/courses/offensive-development-and-tradecraft/ Code: discord.gg/SpdTFCAAzG Please provide feedback in the comments. To continue the conversation hit me up on twitter: 🐦 T...
Malware 101: Injection Basics - Local Shellcode Injection
Переглядів 1,1 тис.3 місяці тому
This is a continuation of the series where I will share the basics of Malware. In this video we discuss a couple of simple ways for a process to inject shellcode into its process. Offensive Development Course: ask-academy.live/courses/offensive-development-and-tradecraft/ Code: discord.gg/SpdTFCAAzG Please provide feedback in the comments. To continue the conversation hit me up on twitter: 🐦 Tw...
Malware 101: Injection Basics - Dll Injection
Переглядів 7264 місяці тому
In this video we continue our journey in the world of Malware. This is a continuation of the series where I will share the basics of Malware. Here we discuss Dll Injection, this is a very important technique to understand as it forms the basics of Process Injection. This is also important to understand for Api Hooking. Offensive Development Course: ask-academy.live/courses/offensive-development...
Malware Evasion 101: Detecting Debugger and Analysis Software
Переглядів 4064 місяці тому
In this video we continue our journey in the world of Malware. This is a continuation of the series where I will share the basics of Malware. Offensive Development Course: ask-academy.live/courses/offensive-development-and-tradecraft/ Code: discord.gg/SpdTFCAAzG Please provide feedback in the comments. To continue the conversation hit me up on twitter: 🐦 Twitter - nu11charb
Malware 101: Writing your first Exe and Dll in C
Переглядів 2,9 тис.4 місяці тому
In this video we dive into the world of Malware. This will be a series where I will share the basics of Malware. Offensive Development Course: ask-academy.live/courses/offensive-development-and-tradecraft/ Basics of PE File: learn.microsoft.com/en-us/windows/win32/debug/pe-format Code: discord.gg/SpdTFCAAzG Please provide feedback in the comments. To continue the conversation hit me up on twitt...
Latrodectus - Malware Analysis Part 2
Переглядів 6945 місяців тому
This is part 2 of the analysis of the Latrodectus Malware. In this video we will look at the final payload. Final Payload Download Link: hxxps[://]bazaar[.]abuse[.]ch/sample/d843d0016164e7ee6f56e65683985981fb14093ed79fde8e664b308a43ff4e79/ Code Repo: github.com/nullcharb/LatrodectusYT Course Link: courses.null-char.com/courses/the-art-of-malware-analysis Academy Link: ask-academy.live/ Please p...
Latrodectus - Malware Analysis Part 1
Переглядів 1,1 тис.5 місяців тому
In this part 1/2 we will be doing analysis of Latrodectus Malware. Stage1: Javascript Download Link: hxxps[://]bazaar[.]abuse[.]ch/sample/4ff60df7d165862e652f73752eb98cf92202a2d748b055ff1f99d4172fa4c92f/ Stage3: Msi File Download Link: hxxps[://]bazaar[.]abuse[.]ch/sample/3a950d7e6736f17c3df90844c76d934dc66c17ec76841a4ad58de07af7955f0f Course Link: courses.null-char.com/courses/the-art-of-malwa...
Introducing new course "Offensive Development and Tradecraft"
Переглядів 3297 місяців тому
Hey Friends, In this video I am introducing my new course "Offensive Development and Tradecraft" The course website: ask-academy.live/courses/offensive-development-and-tradecraft/ Please provide feedback in the comments. To continue the conversation hit me up on twitter: 🐦 Personal Twitter - nu11charb 🐦 Academy Twitter - askacademylive
Shellcode Loader Analysis and Python3 Scripting in Ghidra
Переглядів 53410 місяців тому
In this video I share how use Python3 Scripting in Ghidra to scripts for Shellcode loader Analysis and Shellcode Extraction. Links to the Github Repo for the code: github.com/nullcharb/GhidraScripting Link to the sample: hxxps[://]bazaar[.]abuse[.]ch/sample/733be2c75022f979e6568281e76da5fd3c709ddac41a3e644f0ff88432c5d248/ This is a must watch video for people interested in Malware Analysis, Sec...
Ghidra UI Updates for Malware Analysis and Introduction to python3 scripting in Ghidra
Переглядів 37510 місяців тому
We continue our series of Ghidra basics; in this video I share how I improve the UI to make it better for Malware Analysis and introduction to python3 scripting in Ghidra via Ghidrathon. Matthews Article: embee-research.ghost.io/understanding-and-improving-ghidra-ui-for-malware-analysis/ Ghidra Scripting Repo: github.com/nullcharb/GhidraScripting This is a must watch video for people interested...
Malware Analysis Lab Basics - Part 2 - Installing Ghidra
Переглядів 1,1 тис.10 місяців тому
We continue our series of Malware Analysis Lab basics; in this video I share how I install and configure Ghidra. Ghidra Link: ghidra-sre.org/ Ghidra Dark Theme: github.com/huettenhain/ghidradark Ghidrathon: github.com/mandiant/Ghidrathon Gradle: gradle.org/releases/ This is a must watch video for people interested in Malware Analysis, Security Operations and Security Analyst roles. Course Link:...
Malware Analysis Lab Basics - Part 1 - Installing Flare VM
Переглядів 4 тис.10 місяців тому
We continue our series of Cyber Security Lab basics; in this video I share how I install and configure FlareVM. FlareVM Github Link: github.com/mandiant/flare-vm This is a must watch video for people interested in Malware Analysis, Security Operations and Security Analyst roles. Course Link: courses.null-char.com/courses/the-art-of-malware-analysis Academy Link: ask-academy.live/ Please provide...
Cyber Security Lab Basics - Installing EDR in Malware Development Lab
Переглядів 2,6 тис.11 місяців тому
In the previous video I showed how to setup Malware Development Lab. In this video we add Elastic EDR to the lab. This is a must watch video for people interested in Security Analyst, Security Engineer, SOC Analyst roles. Course Link: courses.null-char.com/courses/the-art-of-malware-analysis Academy Link: ask-academy.live/ Please provide feedback in the comments. To continue the conversation hi...
Cyber Security Lab Basics - Setting up Malware Development Lab
Переглядів 1,5 тис.Рік тому
In this video, I walk through how I setup a Malware Development Lab. This is a very basic Lab where I use Kali linux for compiling code and Windows 10 for debugging and testing the code. This kind of a lab can be the building block for a very comprehensive lab for testing EDR and Security Solutions. Source code link: github.com/nullcharb/MalwareDevelopmentLab-YT Kali Linux Setup commands: sudo ...
Zloader Malware Analysis - 1. Unpacking First stage.
Переглядів 1,7 тис.2 роки тому
Zloader Malware Analysis - 1. Unpacking First stage.
Malware Analysis of Hancitor maldoc and initial Dlls
Переглядів 1,9 тис.3 роки тому
Malware Analysis of Hancitor maldoc and initial Dlls
Analysis of Malware from Kaseya/Revil Supply Chain attack.
Переглядів 2 тис.3 роки тому
Analysis of Malware from Kaseya/Revil Supply Chain attack.
Analysis of AppleJeus Malware by Lazarus Group
Переглядів 1,3 тис.3 роки тому
Analysis of AppleJeus Malware by Lazarus Group
Analysis of malware dropped by Nobelium.
Переглядів 2 тис.3 роки тому
Analysis of malware dropped by Nobelium.
Malware Analysis: Agent Tesla Part 2/2 Final Payload Analysis
Переглядів 1,6 тис.3 роки тому
Malware Analysis: Agent Tesla Part 2/2 Final Payload Analysis
Analysis of ICEID Malware Installer DLL
Переглядів 1,8 тис.3 роки тому
Analysis of ICEID Malware Installer DLL
Malware Analysis: Agent Tesla Part 1/2 Extraction of final payload from dropper.
Переглядів 2,5 тис.3 роки тому
Malware Analysis: Agent Tesla Part 1/2 Extraction of final payload from dropper.
Extract Comrat Malware Dll's from Powershell Dropper
Переглядів 7843 роки тому
Extract Comrat Malware Dll's from Powershell Dropper
Malware Analysis: VBScript dropper for NJRat.
Переглядів 1,2 тис.3 роки тому
Malware Analysis: VBScript dropper for NJRat.
Malware Analysis of a Password Stealer
Переглядів 2 тис.3 роки тому
Malware Analysis of a Password Stealer
So refreshing to see a cybersecurity channel that gets straight down to business. No sponsors. No annoying thumbnails. No clickbait titles, just good malware analysis.
Your channel is awesome. Please keep uploading!
Great video. Thank you!
Awesome Explanation! Blog Posts usually just give a basic idea about the analysis - videos are much clearer! Thanks Ahmed!
Amazing Explanation!
I love your channel 🎉❤❤❤❤
it was a long wait for the next video in this playlist
yeah, been really busy at work.
I have a 2 3 doubts sir once u chaged the name tp payload to the demon x64 bin in all places there was already some shell stored in the tp payload variable right so does that get overwriten by the payload inside the demon x64 bin. Also the whole paters of creating memmory space writing payload to it then later executing the thread wont all be beacons in itself for any av solutions can threadless injection be done to maybe a process and execution be done through some Nt function ???
What is the best way to obfuscate shellcodes i know most would get flagged but just asking to knw some best ways to obfuscate shellcode
Great series! It will be a valuable resource for new malware developer learners. As you suggested in one of the comments, prerequisites like learning X64Dbg and Windbg are important. Could you suggest some good online learning materials on these topics? Additionally, could you please create a video from a new learner’s perspective, (or might be this is first video showing a trailer for a larger series).
great video sir all the best we are waiting more videos
awsome video sir the quality of content is top notch
Mant thanks :)
i was playing hamster kombat and my vpn get me this malware notificition and wont let me open hamster kombat , do they have it ?? :/:/
thanks but im not a windows fan can you make it for mac / ios / android?
Hello Ahmed, you said in the video that you have have your GitHub links to the source code in the video description, I do not see it. Could you please post it so we can review the code? Thanks
I am setting up a discord server where I will provide the code and answer questions related to the codes as well. Should be done this week.
@@ahmedskasmani Sounds good; looking forward to joining
could u please launch a course in udemy also for malware dev as itll be kind of cheaper and available for a many people who cant afford the 100's of dollars worth course
Let me think about it.
@@ahmedskasmani im telling that from india we dont make that much money and udemy makes a regional price parity comapred to the GDP of the country you are in many more student can learn this if it would be like that thanks for considering it hope it does happen at some point in time
@@ahmedskasmani +1 i'll buy it also but make it comprehensive for rev eng any app out there please
Kindly make a separate playlist for this series.
ua-cam.com/play/PLXlzLNcZf2-8RnKqZIYYetIuG7rnUmYz-.html
Great job man!
Thank you! Cheers!
now waiting for the next video in this series sir so far loving this series wish i could have joined the course you have on maldev but its way out of my budget so following along here next time could u do a mini malware dev course for Udemy as it will kind of ensure a GDP based pricing for people from different countries around the world
Thank you sir, all the best
Awesome video
Glad you enjoyed it
Just a noob question: why would you add logging feature in your malware?
Good Question, so the way logging is implemented is such that if u want to debug something it can be done, and when ur releasing it u can disable the logging.
Assalamualaikum... Kindly make a playlist of this please.
@@rlynotabot ha ha ha... I am ok to make if he gives me the creds 😂😂😂😂
@@rlynotabot No bro i appreciate what he is doing... I am not sure if I can make a playlist of his content in his channel itself.. As per my knowledge they only have to create a playlist... If its not included under the playlist it will scattered..
ua-cam.com/play/PLXlzLNcZf2-8RnKqZIYYetIuG7rnUmYz-.html
@@ahmedskasmani Jazakallahu khaira brother
Impressive demonstration 🙏, I'm always excited with malwares
Great content. I wish you had playlists for your different topics to make it easier to follow them.
That's a great idea!
Hi ! From a point of view , it is fun to learn this techniques, but it exists a responsibility to tech the way to prevent and fix this malware
Hell Mr Ahmed, Inchaa Allah you are in good health, thank you for these great videos can you please make an introduction video for the beginners in malware dev, like the languages we need to learn and so on Thank you very much
greatfull for you to start this series, im from india and could not afford many courses out there which are worth 100s of dollars to learn mal dev hopefully this series continues in a timely manner and many people from different parts of the world could learn these techniques
thank you!
You're welcome!
sir, i am gettig this error : error : " [+] Setting password to never expire to avoid that a password expiration blocks the installation... Set-LocalUser : The term 'Set-LocalUser' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. At D:\flare-vm-main\flare-vm-main\install.ps1:318 char:5 + Set-LocalUser -Name "${Env:UserName}" -PasswordNeverExpires $tru ... + ~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (Set-LocalUser:String) [], ParentContainsErrorRecordException + FullyQualifiedErrorId : CommandNotFoundException " AND also showing a warning that we are not running it in virtual machine so will it affect our system?
great work ❤ may i ask if i want to make a script to resolve those hashes at once what can i do ?
hey great explanation but i wanted to know whats the final payload dll have impact on the system? or just a sideloading
setting operands to enum, and renaming frame members is something that you should also be scripting.
Good point. I was being lazy about it :)
brilliant. i love how you make something so detailed, like reverse engineering/malware analysis, seem so straightforward and clear. hope to see more vids in the future until i can afford the course!
Glad you liked it!
make one video on blackmatter & lockbit ransomware analysis
could you do a video on how someone could look for malware if he has doubt wether his system is infected or not
goooood
Eagerly waiting for your next video
Thanks, its released today.
Super analysis
awesome!
Great work
Many thanks
elastic search service stopping after a while? any solution
you have changed the ip address is it ubuntu ip right?
brilliant video
Many thanks!
great sounds amazing.. what about mac / linux / ios / android similar course? as i'm not a windows fan e.g. pegasus
Great work as always. The syllabus is indeed in-depth and full of advance topics. Note taking during a course is always painful and notion is looking promising. Thank you for sharing.