OP 17 May, 2022 - 04:15 AM
I don't know if this is allowed here or not, but I'll just post it anyway, and if it's not, it'll get deleted.
I've learned C/CPP, Python, and C#. I don't think I'm capable of making any useful (intermediate) things in assembly, but I certainly understand it. I've done 7 days of reverse engineering. That shit is not for intermediates like me, but I learned some malware tricks like unhooking APIs, direct syscalls, detecting a debugger, etc. It's not amazing, but I think it's a start.
I've read some old books on malware and got very little out of them since they're not fresh, but I'm planning on reading some malware analysis books, some very fresh ones.
I'm Capable Of Building:
1. crypters & Injectors: I know it's the easiest thing.
2. hiding API calls: bypasses usermode hooks while still being monitored in the kernel object manager. so it is only limited to usermode. I'm planning on reading a "kernel programming" book though. I know I'll need to find a weak driver to get kernel privs, but I'm not there yet, so...
3. static obfuscators: only source code obfuscation, but I'm planning to learn LLVM IR transformation passes. I tried disassembling and obfuscating, but lifting binaries is hard as hell, so I'll keep the LLVM IR obfuscator idea for now. I don't really need it at the moment, but my source code obfuscator is only making samples that are 30-35% different from each other, so it might come in handy after a while. Especially with the heuristic analysis progressing month by month.
Another thing is that I'm planning on adding virtualization (to make the analyst frustrated) in the far future, but it's okay to get analyzed by some analyst after a month or so, unless there is a way to market it better without getting deannonymized.
Books On My List:
1. Art Of Intel x86 Assembly: started reading it but haven't finished it, I didn't need to TBH
2. Windows 10 System Programming: Currently Reading it
3. Windows 10 System Programming (part 2)
4. Windows System Internals 7th Part 1:
5. Windows Kernel Programming
6. The Ida Pro Book 2nd Edition
1. The Art of Computer Virus Research and Defense
2. Malware, Rootkits And Botnets - A Beginner's Guide (2013): very old but I heared it has some great stuff
3. Metamorphic Code Generator based on bytecode of LLVM IR
4. AntiVirus Bypass Techniques
1. Practical Malware Analysis
It's a really long journey. That's why I'm trying to make a team. Feel free to say whatever you want if you don't like the idea. But if you're interested, just DM or comment or whatever, and then we can discuss this.
############## THE BORING STUFF
I've done some RAT programming with very basic functionalities, communication through the TOR network (not that fast, but better anonymity), and I implemented TLS. I know custom is bad, but it can be improved and I didn't like the idea of external libs, so...
My opsec might not be that great, but I think it's enough for the current time.![[Image: wink.png]](https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fmedia.nulled.to%2Fpublic%2Fstyle_emoticons%2Fdefault%2Fwink.png)
for people who are not that good: everything can be learned if you have the time and willing to put the effort.
for ninjas: I'm willing to put all the effort and I have all the time in the world, matter of fact this is the only thing I care about.
I've learned C/CPP, Python, and C#. I don't think I'm capable of making any useful (intermediate) things in assembly, but I certainly understand it. I've done 7 days of reverse engineering. That shit is not for intermediates like me, but I learned some malware tricks like unhooking APIs, direct syscalls, detecting a debugger, etc. It's not amazing, but I think it's a start.
I've read some old books on malware and got very little out of them since they're not fresh, but I'm planning on reading some malware analysis books, some very fresh ones.
I'm Capable Of Building:
1. crypters & Injectors: I know it's the easiest thing.
2. hiding API calls: bypasses usermode hooks while still being monitored in the kernel object manager. so it is only limited to usermode. I'm planning on reading a "kernel programming" book though. I know I'll need to find a weak driver to get kernel privs, but I'm not there yet, so...
3. static obfuscators: only source code obfuscation, but I'm planning to learn LLVM IR transformation passes. I tried disassembling and obfuscating, but lifting binaries is hard as hell, so I'll keep the LLVM IR obfuscator idea for now. I don't really need it at the moment, but my source code obfuscator is only making samples that are 30-35% different from each other, so it might come in handy after a while. Especially with the heuristic analysis progressing month by month.
Another thing is that I'm planning on adding virtualization (to make the analyst frustrated) in the far future, but it's okay to get analyzed by some analyst after a month or so, unless there is a way to market it better without getting deannonymized.
Books On My List:
1. Art Of Intel x86 Assembly: started reading it but haven't finished it, I didn't need to TBH
2. Windows 10 System Programming: Currently Reading it
3. Windows 10 System Programming (part 2)
4. Windows System Internals 7th Part 1:
5. Windows Kernel Programming
6. The Ida Pro Book 2nd Edition
1. The Art of Computer Virus Research and Defense
2. Malware, Rootkits And Botnets - A Beginner's Guide (2013): very old but I heared it has some great stuff
3. Metamorphic Code Generator based on bytecode of LLVM IR
4. AntiVirus Bypass Techniques
1. Practical Malware Analysis
It's a really long journey. That's why I'm trying to make a team. Feel free to say whatever you want if you don't like the idea. But if you're interested, just DM or comment or whatever, and then we can discuss this.
############## THE BORING STUFF
I've done some RAT programming with very basic functionalities, communication through the TOR network (not that fast, but better anonymity), and I implemented TLS. I know custom is bad, but it can be improved and I didn't like the idea of external libs, so...
My opsec might not be that great, but I think it's enough for the current time.
for people who are not that good: everything can be learned if you have the time and willing to put the effort.
for ninjas: I'm willing to put all the effort and I have all the time in the world, matter of fact this is the only thing I care about.
![[Image: ssohLjJHh5CYbn4s.gif]](https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fshare.creavite.co%2FssohLjJHh5CYbn4s.gif)
