You're reading from Malware Development for Ethical Hackers Learn how to develop various types of malware to strengthen cybersecurity

Product type Paperback

Published in Jun 2024

Publisher Packt

ISBN-13 9781801810173

Length 402 pages

Edition 1st Edition

Concepts

Cybersecurity

Author (1):

Zhassulan Zhussupov

View More author details

Table of Contents (24) Chapters

Preface

1. Part 1: Malware Behavior: Injection, Persistence, and Privilege Escalation Techniques

2. Chapter 1: A Quick Introduction to Malware Development FREE CHAPTER

3. Chapter 2: Exploring Various Malware Injection Attacks

4. Chapter 3: Mastering Malware Persistence Mechanisms

5. Chapter 4: Mastering Privilege Escalation on Compromised Systems

6. Part 2: Evasion Techniques

7. Chapter 5: Anti-Debugging Tricks

8. Chapter 6: Navigating Anti-Virtual Machine Strategies

9. Chapter 7: Strategies for Anti-Disassembly

10. Chapter 8: Navigating the Antivirus Labyrinth – a Game of Cat and Mouse

11. Part 3: Math and Cryptography in Malware

12. Chapter 9: Exploring Hash Algorithms

13. Chapter 10: Simple Ciphers

14. Chapter 11: Unveiling Common Cryptography in Malware

15. Chapter 12: Advanced Math Algorithms and Custom Encoding

16. Part 4: Real-World Malware Examples

17. Chapter 13: Classic Malware Examples

18. Chapter 14: APT and Cybercrime

19. Chapter 15: Malware Source Code Leaks

20. Chapter 16: Ransomware and Modern Threats

21. Chapter 17: Unlock Your Book’s Exclusive Benefits

How to unlock these benefits in three easy steps

22. Index

Why subscribe?

23. Other Books You May Enjoy

Circumventing UAC

In this section, we demonstrate one of the more intriguing UAC bypass techniques: modifying the registry via fodhelper.exe.

By modifying a registry key, the execution flow of a privileged program is ultimately redirected to a controlled command. Common occurrences of key-value misuses frequently involve the manipulation of the windir and systemroot environment variables, as well as shell open commands that target particular file extensions, depending on the program that is targeted:

HKCU\\Software\\Classes\<targeted_extension>\\shell\\open\command (Default or DelegateExecute values) on the target system
HKCU\\Environment\\windir
HKCU\\Environment\\systemroot

fodhelper.exe

The introduction of fodhelper.exe in the Windows 10 operating system aimed to facilitate the management of optional features, such as region-specific keyboard settings. The location of the subject is as follows: the C:\\Windows\System32\fodhelper.exe file path corresponds...