My Account Log in

2 options

Malware Development for Ethical Hackers : Learn How to Develop Various Types of Malware to Strengthen Cybersecurity / Zhassulan Zhussupov.

Ebook Central Academic Complete Available online

View online

O'Reilly Online Learning: Academic/Public Library Edition Available online

View online
Format:
Book
Author/Creator:
Zhussupov, Zhassulan, author.
Language:
English
Subjects (All):
Penetration testing (Computer security).
Computer security.
Hackers.
Physical Description:
1 online resource (390 pages)
Edition:
First edition.
Place of Publication:
Birmingham, England : Packt Publishing, [2024]
Biography/History:
Zhussupov Zhassulan: Zhassulan Zhusupov is a professional who wears many hats: software developer, cybersecurity enthusiast, and mathematician. He has been developing products for law enforcement for over ten years. Professionally, Zhasulan shares his experience as a malware analyst and threat hunter at the MSSP Research Lab in Kazakhstan, a cybersecurity researcher at Websec B. V. in the Netherlands, and Cyber5W in the USA. He has also actively contributed to the Malpedia project. Zhassulan's literary achievements include writing the popular ebooks "MD MZ Malware Development" and "Malwild: Malware in the Wild, " details of which can be found on his personal Github page. He is the author and co-author of numerous articles on cybersecurity blogs and has also spoken at various international conferences like Black Hat, DEFCON, BSides, Standoff, and many others. His love for his family is reflected in his role as a loving husband and caring father.
Summary:
Packed with real-world examples, this book simplifies cybersecurity, delves into malware development, and serves as a must-read for advanced ethical hackers Key Features Learn how to develop and program Windows malware applications using hands-on examples Explore methods to bypass security mechanisms and make malware undetectable on compromised systems Understand the tactics and tricks of real adversaries and APTs and apply their experience in your operations Purchase of the print or Kindle book includes a free PDF eBook Book Description Malware Development for Ethical Hackers is a comprehensive guide to the dark side of cybersecurity within an ethical context. This book takes you on a journey through the intricate world of malware development, shedding light on the techniques and strategies employed by cybercriminals. As you progress, you'll focus on the ethical considerations that ethical hackers must uphold. You'll also gain practical experience in creating and implementing popular techniques encountered in real-world malicious applications, such as Carbanak, Carberp, Stuxnet, Conti, Babuk, and BlackCat ransomware. This book will also equip you with the knowledge and skills you need to understand and effectively combat malicious software. By the end of this book, you'll know the secrets behind malware development, having explored the intricate details of programming, evasion techniques, persistence mechanisms, and more. What you will learn Familiarize yourself with the logic of real malware developers for cybersecurity Get to grips with the development of malware over the years using examples Understand the process of reconstructing APT attacks and their techniques Design methods to bypass security mechanisms for your red team scenarios Explore over 80 working examples of malware Get to grips with the close relationship between mathematics and modern malware Who this book is for This book is for penetration testers, exploit developers, ethical hackers, red teamers, and offensive security researchers. Anyone interested in cybersecurity and ethical hacking will also find this book helpful. Familiarity with core ethical hacking and cybersecurity concepts will help you understand the topics discussed in this book more easily.
Contents:
Cover
Title Page
Copyright and Credits
Contributors
Table of Contents
Preface
Part 1: Malware Behavior: Injection, Persistence, and Privilege Escalation Techniques
Chapter 1: Quick Introduction to Malware Development
Technical requirements
What is malware development?
A simple example
Unpacking malware functionality and behavior
Types of malware
Reverse shells
Practical example: reverse shell
Practical example: reverse shell for Windows
Demo
Leveraging Windows internals for malware development
Practical example
Exploring PE-file (EXE and DLL)
The art of decieving a victim's systems
Summary
Chapter 2: Exploring Various Malware Injection Attacks
Traditional injection approaches - code and DLL
Code injection example
DLL injection
DLL injection example
Exploring hijacking techniques
DLL hijacking
Understanding APC injection
A practical example of APC injection
A practical example of APC injection via NtTestAlert
Mastering API hooking techniques
What is API hooking?
Chapter 3: Mastering Malware Persistence Mechanisms
Classic path: registry Run Keys
Leveraging registry keys utilized by Winlogon process
A practical example
Implementing DLL search order hijacking for persistence
Exploiting Windows services for persistence
Hunting for persistence: exploring non-trivial loopholes
How to find new persistence tricks
Chapter 4: Mastering Privilege Escalation on Compromised Systems
Manipulating access tokens
Windows tokens
Local administrator
SeDebugPrivilege.
A simple example
Impersonate
Password stealing
Leveraging DLL search order hijacking and supply chain attacks
Circumventing UAC
fodhelper.exe
Part 2: Evasion Techniques
Chapter 5: Anti-Debugging Tricks
Detecting debugger presence
Practical example 1
Practical example 2
Spotting breakpoints
Identifying flags and artifacts
ProcessDebugFlags
Chapter 6: Navigating Anti-Virtual Machine Strategies
Filesystem detection techniques
VirtualBox machine detection
Approaches to hardware detection
Checking the HDD
Time-based sandbox evasion techniques
Identifying VMs through the registry
Chapter 7: Strategies for Anti-Disassembly
Popular anti-disassembly techniques
Exploring the function control problem and its benefits
Obfuscation of the API and assembly code
Crashing malware analysis tools
Chapter 8: Navigating the Antivirus Labyrinth - a Game of Cat and Mouse
Understanding the mechanics of antivirus engines
Static detection
Heuristic detection
Dynamic heuristic analysis
Behavior analysis
Evasion static detection
Evasion dynamic analysis
Circumventing the Antimalware Scan Interface (AMSI)
Advanced evasion techniques
Syscalls
Syscall ID
Userland hooking
Direct syscalls
Bypassing EDR
Summary.
Part 3: Math and Cryptography in Malware
Chapter 9: Exploring Hash Algorithms
Understanding the role of hash algorithms in malware
Cryptographic hash functions
Applying hashing in malware analysis
A deep dive into common hash algorithms
MD5
SHA-1
Bcrypt
Practical use of hash algorithms in malware
Hashing WINAPI calls
MurmurHash
Chapter 10: Simple Ciphers
Introduction to simple ciphers
Caesar cipher
ROT13 cipher
ROT47 cipher
Decrypting malware - a practical implementation of simple ciphers
ROT13
ROT47
The power of the Base64 algorithm
Base64 in practice
Chapter 11: Unveiling Common Cryptography in Malware
Overview of common cryptographic techniques in malware
Encryption resources such as configuration files
Cryptography for secure communication
Payload protection - cryptography for obfuscation
Chapter 12: Advanced Math Algorithms and Custom Encoding
Exploring advanced math algorithms in malware
Tiny encryption algorithm (TEA)
A5/1
Madryga algorithm
The use of prime numbers and modular arithmetic in malware
Implementing custom encoding techniques
Elliptic curve cryptography (ECC) and malware
Part 4: Real-World Malware Examples
Chapter 13: Classic Malware Examples
Historical overview of classic malware
Early malware
The 1980s-2000s - the era of worms and mass propagation
Malware of the 21st century
Modern banking Trojans
The evolution of ransomware
Analysis of the techniques used by classic malware.
Evolution and impact of classic malware
Lessons learned from classic malware
Chapter 14: APT and Cybercrime
Introduction to APTs
The birth of APTs - early 2000s
Operation Aurora (2009)
Stuxnet and the dawn of cyber-physical attacks (2010)
The rise of nation-state APTs - mid-2010s onward
What about the current landscape and future challenges?
Characteristics of APTs
Infamous examples of APTs
APT28 (Fancy Bear) - the Russian cyber espionage
APT29 (Cozy Bear) - the persistent intruder
Lazarus Group - the multifaceted threat
Equation Group - the cyber-espionage arm of the NSA
Tailored Access Operations - the cyber arsenal of the NSA
TTPs used by APTs
Persistence via AppInit_DLLs
Persistence by accessibility features
Persistence by alternate data streams
Chapter 15: Malware Source Code Leaks
Understanding malware source code leaks
The Zeus banking Trojan
Carberp
Carbanak
Other famous malware source code leaks
The impact of source code leaks on the malware development landscape
Zeus
Significant examples of malware source code leaks
Chapter 16: Ransomware and Modern Threats
Introduction to ransomware and modern threats
Analysis of ransomware techniques
Conti
Hello Kitty
Case studies of notorious ransomware and modern threats
Case study one: WannaCry ransomware attack
Case study two: NotPetya ransomware attack
Case study three: GandCrab ransomware
Case study four: Ryuk ransomware
Modern threats
Mitigation and recovery strategies
Index
Other Books You May Enjoy.
Notes:
Includes index.
Description based on publisher supplied metadata and other sources.
Description based on print version record.
ISBN:
9781801076975
1801076979
OCLC:
1437273132

The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.

Find

Home Release notes

My Account

Shelf Request an item Bookmarks Fines and fees Settings

Guides

Using the Find catalog Using Articles+ Using your account