REVIEW: RED TEAM Operator: Malware Development Essentials Course by SEKTOR7 Institute

This is my review of the RED TEAM Operator: Malware Development Essentials course offered by SEKTOR7 Institute. Full disclosure: as an affiliate, I make money with qualifying purchases.

Overall, I enjoyed this course as well as SEKTOR7 Instutute’s other offerings. When I started this course, I already had experience with C programming on Linux, and limited experience with programming on Windows. I felt that this course was a solid introduction to Windows malware development for someone like me who has limited experience with Windows development.

Here is a video of the course author describing the contents of this course.

If you are interested in a crash course in writing malware for Windows in C, this course offers a fantastic introduction.

This course took me about a week to complete, and a few hours on the weekend to develop the final project. I spent around 16 hours of time total. Additional research done independently as a result of this course provided me with hours of entertainment and learning opportunities. Your mileage may vary depending on how familiar you are with the concepts covered in the course.

What You Will Receive

~3 hours of instruction delivered via a web portal.

Well-commented, easy to understand C source code examples of all of the covered techniques.

A Windows VM with Visual Studio and additional development tools installed.

What is Covered

PE file basics; EXE vs DLLs, tools to examine PE files, structure of PE files, …

Droppers; a few ways to store your payloads inside of an EXE or DLL file

Obfuscation and Encryption; string obfuscation, basic AV evasion, call obfuscation, …

Backdooring PE files.

Basic code injection techniques and tactics.

Final Project

The final project involves developing your own malware dropper program, incorporating the anti-analysis techniques covered in the course.

If this sounds interesting, this course can be purchased here.

If this sounds too basic, there are also other offerings from SEKTOR7 including courses on intermediate malware development, privilege escalation, and my favorite, persistence.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s