Preface
- [Course Introduction]
- [Course Preview + Curriculum]
Module 1: DLLs and Basic Loading
- Introduction to DLLs (Theory 1.1)
- Introduction to Shellcode (Theory 1.2)
- Standard DLL Loading in Windows (Theory 1.3)
- Create a Basic DLL (Lab 1.1)
- Create a Basic Loader in Go (Lab 1.2)
Module 2: PE Format for Loaders
- PE File Structure Essentials (Theory 2.1)
- Addressing in PE Files (Theory 2.2)
- PE Header Inspection with PE-Bear (Lab 2.1)
- PE Header Parser in Go (Lab 2.2)
Module 3: Reflective DLL Loading Core Logic
- Intro to Reflective DLL Loading (Theory 3.1)
- Memory Allocation (Theory 3.2)
- Mapping the DLL Image (Theory 3.3)
- Manual DLL Mapping in Go (Lab 3.1)
Module 4: Handling Relocations and Imports
- Base Relocations (Theory 4.1)
- IAT Resolution (Theory 4.2)
- Intentional Base Relocation (Lab 4.1)
- IAT Processing (Lab 4.2)
Module 5: Execution and Exports
- The DLL Entry Point (Theory 5.1)
- Exported Functions (Theory 5.2)
- Call DllMain (Lab 5.1)
- Call Exported Function (Lab 5.2)
Module 6: Basic Obfuscation - XOR
- Introduction to Obfuscation (Theory 6.1)
- Simple XOR (Theory 6.2)
- XOR Functions in Go (Lab 6.1)
- Obfuscated Loading (Lab 6.2)
Module 7: Rolling XOR & Key Derivation
- Rolling XOR (Theory 7.1)
- Key Derivation Logic (Theory 7.2)
- Implementing Rolling XOR (Lab 7.1)
- Implementing Key Derivation (Lab 7.2)
Module 8: Network Delivery & Client/Server
- Client + Server Communication (Theory 8.1)
- Communication Protocol Design (Theory 8.2)
- Environmental Keying + Client ID (Theory 8.3)
- Client + Server Logic (Lab 8.1)
- Implement Client ID and Key Derivation (Lab 8.2)