📌 Use code "CROW10" for 10% off your order when you checkout at Maldev Academy FOR A LIMITED TIME! ---> maldevacademy.com/?ref=crow I better see you dorks in kernel-land soon >:) 🫠 ERRATA: - 51:43 I meant the opposite. You're copying data from your SOURCE into your DESTINATION. Y'KNOW, LIKE A NORMAL PERSON WOULD SAY.
2:37 I mentioned this in a seminar and everyone including the professor talked about me like I was crazy or I’m a bad guy or that ethical hackers wouldn’t dream of doing such a thing. We just run nmap and metasploit…don’t mean to vent but it’s good to know I’m not crazy for thinking that way
This is f*cking awesome, never knew this was even possible lol, was literally creating a new process to delete my malware for self deletion 🙃 keep it up crow best mal dev on youtube for sure
Why write in assembly instead of implementing it in C like the kernel does? It's way more readable, you don't need to deal with linking in an assembly file, and there's no "extern"s required in your headers. Also, it's kinda overkill, but another fun approach to anti-anti-debugging would be to hook the program's anti-debugging function and force it to always return false (or just patch the binary). Anyway, loved the video! This was super informative. I've had a lot of issues with my non-malicious process injection getting flagged by Defender. I never even thought to re-implement suspicious imports myself.
Sorry for asking, but the file that is still being viewed, it can not delete itself in the middle right? the deletion is only possible after the executable is done running. but this is a problem, if a file is being gives a command for self deletion, it is technically still running, and running file can not be deleted. Is it some sort of extrafile buffer? like, windows gets the command to delete and it does after the file is done running?
I cant believe I watched a 1 hour video involving a language I don't even code in on a daily basis (I do code in C++ rarely for a variety of reasons so don't go all: "C++ is superior" on me)
I am crying from happiness at the moment, I am truly happy that you got your video out which you worked hard on crow. I hope you take a break and dont suffer from burnout my brother :)
So, intead of self deletion I had an idea once of a program that would embed some data inside the executable file. I wonder if it is possible to do with alternate data streams, would be cool to have a single exe that saves all the data it generated traveling between different machines.
Been on the platform for a month now and can say that it's completely worth it, there are cheaper options though (Sektor 7 for example) though they're not as in-depth/up to date as maldev academy
Me compiling a hello world program and executing only for the executable to get blocked by Windows Defender as malware. Also me: IAM MALWARE DEVLOPER \o/
Hello, thanks for the video, When getting a handle to the file, from where did we find that we can give the CreateFileW the values (delete | sync) for the dwDesiredAccess field, since I haven't found that documented anywhere !!!
Tbf, in a war malware can be handy. Like let's say hypothetically Russia starts a war with another country, but all their electronics suddenly show a ransomware message
Like always awesome vid! btw what IDE do you use?, and also, can you do a video on how to setup windows 10 for malware development? cuz downloading the C++ compiler (gcc) is making me want to "self delete" if u know what I mean
Gotta take another crack at this from the beginning. Somehow my smart dumbass got the program to work but in reverse. I’ve played around with it and even tried some else statements but still a great video. I learned a lot…just gotta rest my eyes…
EDRs, XDRs and AVs rely on being online to update their signatures and whatnot, having them offline can make it harder for them to pick up newer malware strains
@@lavender0666 automatic updates feel like a good attack vector, heck if that were my thing that would be one of the first ways I'd try and get in, by emulating the antivirus vendors servers, even if I failed I'd be able to figure out what I was up against.
@@principleshipcoleoid8095 Look up cyber warfware. If a country is attacking another country's assets as soldiers/military personnel then that's okay but if you're doing vigilante stuff that's a legal gray
I'm trolling. You do you boo boo. Videos are very entertaining even though I don't know wtf you are talking about. (I do, again trolling) You owe me a motherboard.
📌 Use code "CROW10" for 10% off your order when you checkout at Maldev Academy FOR A LIMITED TIME! ---> maldevacademy.com/?ref=crow
I better see you dorks in kernel-land soon >:)
🫠 ERRATA:
- 51:43 I meant the opposite. You're copying data from your SOURCE into your DESTINATION. Y'KNOW, LIKE A NORMAL PERSON WOULD SAY.
CROOOOOOOOOOOOOOOOOOOW
Ahhh this is only for the lifetime subscription. Dang
YES
see you next year on your next upload
YEAHH!!!!!
CROW'S FIRST SPONSER???? LETS GOOOOOOOOOOOO
2:37 I mentioned this in a seminar and everyone including the professor talked about me like I was crazy or I’m a bad guy or that ethical hackers wouldn’t dream of doing such a thing. We just run nmap and metasploit…don’t mean to vent but it’s good to know I’m not crazy for thinking that way
This is one of the few Tutorials I know that actually are fun to watch, love the way you make the videos
Bro I literally thought of this and was trying to make it yesterday how tf am I this lucky that crow is covering it
This is the only channel i know where sponsors doesn't feel like garbage, my lifetime subscription to MDA is going BRRRRRRR
Can you do persisting next. @crow
I love the shear joy CROW shares when everything comes together at the end 😁
i mean, watching this at like literally 3 am and so inspired that im gonna try it out my self instead of sleeping. amazing content bro keep it up
Another masterpiece. I have learned SO much from these videos and what I have read from the discord.
This is f*cking awesome, never knew this was even possible lol, was literally creating a new process to delete my malware for self deletion 🙃 keep it up crow best mal dev on youtube for sure
Ohhh yeaaaaa we need lots of videos like this about modern red team and malware development please
A wise man once said "With great power, comes great electricity-bill"
Perfect content, Perfect quality, Perfect explanation 🔥
never have i clicked on an hour long youtube video faster than i have with this. I'm in a for a treat!
I'm itching for the 4th video in this series. Thanks for the videos crow.
Why write in assembly instead of implementing it in C like the kernel does? It's way more readable, you don't need to deal with linking in an assembly file, and there's no "extern"s required in your headers.
Also, it's kinda overkill, but another fun approach to anti-anti-debugging would be to hook the program's anti-debugging function and force it to always return false (or just patch the binary). Anyway, loved the video! This was super informative. I've had a lot of issues with my non-malicious process injection getting flagged by Defender. I never even thought to re-implement suspicious imports myself.
The Maplestory BGM is what keep me watching
Bro the video editing was great, awesome new vid!
Sorry for asking, but the file that is still being viewed, it can not delete itself in the middle right? the deletion is only possible after the executable is done running.
but this is a problem, if a file is being gives a command for self deletion, it is technically still running, and running file can not be deleted. Is it some sort of extrafile buffer? like, windows gets the command to delete and it does after the file is done running?
Crazy production, information and comedy
I saw a one hour video with
A language i dont use
A field i am not in
terms i have no clue about
OS i dont know much about
10/10 will watch again.
I cant believe I watched a 1 hour video involving a language I don't even code in on a daily basis (I do code in C++ rarely for a variety of reasons so don't go all: "C++ is superior" on me)
C++ is superior
C++ is superior
C++ is superior
Keep coming out with these videos. Love them 🔥
Babe wake up new crow just dropped!
oh my god mom cancel my plans new crow video just dropped!!
Just yesterday, I was wondering when's your next video coming ... And today I get this notification! 😊 Thank you crow! 🍻 😊
it is illegal to delete this video!
Crow=Legend!
Great video and congrats on the sponsor man keep it up!
What a interesting stuff!!!!!!
I learned a TON!!!!!!!!
CAN'T WAIT TO SEE YOUR NEXT VIDEO
I am crying from happiness at the moment, I am truly happy that you got your video out which you worked hard on crow. I hope you take a break and dont suffer from burnout my brother :)
Amazing video, keep up the good work
holy shit holy shit holy shit holy shit
CONGRATS ON YOUR FIRST SPONSOR DUDE
YAYY!! NEW CROW VIDEOO WE MISSED YOUUU
i love the maplestory music
So, intead of self deletion I had an idea once of a program that would embed some data inside the executable file. I wonder if it is possible to do with alternate data streams, would be cool to have a single exe that saves all the data it generated traveling between different machines.
Your's is the only hour long video i'd watch
You forgot to tickle Mr. Rat. He will not be happy. I hear 22kHz here. (Only people from discord server understand)
Lord Have Mercy on My Analyst Soul 😧
you're my hero.
It's just remembering me of 29a VX group in 2000's 😃
these are the best of the whole yt prove me wrong
the pricing is absolutely insane
Been on the platform for a month now and can say that it's completely worth it, there are cheaper options though (Sektor 7 for example) though they're not as in-depth/up to date as maldev academy
Let's go man this channel is amazing keep on the good work fr best channel on UA-cam damn
Me compiling a hello world program and executing only for the executable to get blocked by Windows Defender as malware.
Also me: IAM MALWARE DEVLOPER \o/
Woke up to a new video let’s go
Why renaming the default datastream before deleting it ?
Can't you just delete the default one ?
This video is amazing man, keep it up :)
Hello, thanks for the video,
When getting a handle to the file, from where did we find that we can give the CreateFileW the values (delete | sync) for the dwDesiredAccess field, since I haven't found that documented anywhere !!!
kindly give us a roadmap "how to learn cyber security from scratch to advance"
Tbf, in a war malware can be handy. Like let's say hypothetically Russia starts a war with another country, but all their electronics suddenly show a ransomware message
Cyber Warfare is a real thing already, there are state sponsored hackers in all governments (see NSA/CIA for US)
Like always awesome vid! btw what IDE do you use?, and also, can you do a video on how to setup windows 10 for malware development? cuz downloading the C++ compiler (gcc) is making me want to "self delete" if u know what I mean
Heuristics is most power come from at antivruses.
All your videos are amazing dude thanks ! Keep it up !
However here I don’t get why we need ADS, can’t the malware goes to deletion phase directly ?
This gonna last me for the next month
ur vids are great! i feel violated by the stream of information that we have access too in this day and age :^)
Gotta take another crack at this from the beginning. Somehow my smart dumbass got the program to work but in reverse. I’ve played around with it and even tried some else statements but still a great video. I learned a lot…just gotta rest my eyes…
I’m an idiot lol. The joys and pain of coding. Smh
I love your videos! Please don't stop 🙏
HYPEEEE NEW CROW VIDEO
4:40 what is that obsidian theme tho 🔥
@@mathis5281 Thanks thats exactly it!
A SPONSOR AND CROWS RAT VOICE REVEAL. TODAY'S A GOOD DAY.
why do I think of you as my personal mentor😊
28:07 there actually was a 1337 process on my pc, i was wondering why it didn't and i was getting a handle wtf
The process is different for everyone, they're not hardcoded in but given on runtime (process creation)
I shall become a rat amongst men
Their AI needs to train on a protection less computer so it can best serve both sides.
great video, thanks a lot 👍
this vid is god tier.
Make a video how malware can tell if the OS is updated using windows update.
YES CROW
So is there any defensive software you would recommend? That primarily uses behavioral heuristics without having to be online...‽
EDRs, XDRs and AVs rely on being online to update their signatures and whatnot, having them offline can make it harder for them to pick up newer malware strains
@@lavender0666 automatic updates feel like a good attack vector, heck if that were my thing that would be one of the first ways I'd try and get in, by emulating the antivirus vendors servers, even if I failed I'd be able to figure out what I was up against.
@@petevenuti7355 that's not a new thing, they're called Trojans and they've been around for decades
is it possible to patch memory that is protected by vmprotect ?
Hi crow great content!! I really enjoy your videos,Can you do a video about how memory works, virtual memory, pages and memory protections?
How'd you learn C and Assembly? MalDev Academy or TCM. DeWalt, Alex and the crew at TCM are awesome.
LET'S GOO C:
:D
very cool very pog very based
I LOVE YOU, CRYPTID
I'd really suggest you to upload videos to somewhere else other than UA-cam, Until and unless they delete this gem like content.
I’ve used these techniques and am now in jail.
Awesome content 🎉🎉🎉🎉
stop defending your self from non programmers just ignore them their dislikes don't matter
Jit you not black
HOLY MOLY 1 ENTIRE HOUR NOW I GET WHY YOU'RE BEEN GONE SO MUCH
GET THAT BREAD BRO
SORRY, CROW, BUT WHERE'S MY FUCKEN RAT
is there any financial in malware dev (this is for educational purpose)
red team developer
Ooooh noooo, you missed UEBA!!!
This is amazing content! I wish I found you sooner...
2:45 can malware be a form of self defence?
you're gonna have to expand on that, if you're attacking someone without explicit permission then that's a crime
@@lavender0666 Russia. Well it's military. Didn't want to get attacked? Then should had not started a war in 2014 or escalated it.
@@principleshipcoleoid8095 Look up cyber warfware. If a country is attacking another country's assets as soldiers/military personnel then that's okay but if you're doing vigilante stuff that's a legal gray
can we have a video on how to heck Roblox please 🥺
crow can you make a video on how to hack into the hexagon >:)
hacking is 4 nerdz and ill eagle no tanks (they're in my walls listening to me)
Thanks for the tutorial and infecting me with AdWare at the same time. Great! = D
I'm trolling. You do you boo boo. Videos are very entertaining even though I don't know wtf you are talking about. (I do, again trolling) You owe me a motherboard.
OH AH!!! 10% OFF ETERNAL ACCESS!!! LETS GOOOOOOO RATS!!!
Where are you?
Hey awesome tutorial ! is the source code available? i couldn't find it in GH
Bro do you also have courses?
awesome job bro. Time to kick a$$
1:38 can malware be used to arrest Putin? Can it? Can it be used for that?
it's all about that 1:00:51
هل انت عربي
777 like btw. I use arch btw. Wonderful video btw. U got hr ass ur first sponsor congratulations 🎉🎉🎉🎉🎉🎉🎉❤❤❤ btw. (I use arch)
Большое спасибо за твои видео 😼💖
Rule number 0.5: disconnect yourself from the internet ( the best solution )
Stuxnet :^)
@@lavender0666fucking hell lmao
First ever crow video that confuses me...
Henlo, wer video, post soon