Welcome to this course where you’ll learn how to build a decentralized malware bot with Python that targets Windows operating systems. Python is the de facto language used by ethical hackers, and learning it for your professional career can boost your chances of employment as a cyber security professional.
This course is an entry point for offensive penetration testers and won’t dive deep into any of the topics, but covers a lot of basics. This intentional lack of depth lets novice penetration testers approach this course as an inspiration, a way of thought. Contents of this course are needed for completing security certifications and can be especially important if you want to start learning about malware analysis and reverse engineering. This is a technical course but the emphasis is on problem solving.
This course can also be useful for system administrators and those of you who prefer a defensive approach in penetration testing, as you can see how systems can get infected, how and where malware can hide itself, what parts of Windows are affected by the infection, how important it is to patch and update the operating system, how simple user interaction may trigger a malware infection, and how not blacklisting unnecessary local and web services can lead to potentially catastrophic consequences for your organization.
In this course you will learn how to write a malware bot that uses free messaging protocols and file hosting services instead of the traditional personal servers used for communication by malware and botnets. It’s assumed you don’t have much prior knowledge of Python programming; therefore, in a series of videos, an overview of the Python language is presented that can be very informative as a recap or for those who already know how to code in another programming language.
This course is divided into a number of sections, and in each one you will learn how to write a specific part of our final code. In these sections we learn to use communication protocols and file hosting services, sniff Internet traffic, log keystrokes, encrypt and decrypt data, spread our malware, achieve persistence and privilege escalation, and so on. Then we learn how to put all the parts together, schedule functions and create a standalone executable that can even update itself.
The bad news is time flies, the good news is I’m your pilot! All videos have been edited so you won’t waste time watching me make mistakes or type code. I hate PowerPoint presentations, therefore I used non-linear presentation applications for this course so watching them can be enjoyable, to say the least.
If you have any problems, contact me via the Q&A section and I’ll get back to you within 12 hours.
UPDATE NOTICE (05-17-19):
Added ‘Abusing file[.]io’ video in ‘2. Communicating With Our Bot’ section.
Added ‘Another Keylogger’ in ‘4. Keylogging’ section.
Added comments to ‘allTogether[.]py’ in exercise files.
From now on, you can download each section’s exercise files from its own section. Updated exercise files are time-stamped. Exercise files are also available as one single zip file in its own section.
Music: bensound dot com