Tbh I think if someone fr wants to learn malware development you shouldn't even begin studying malware techniques
You should focus on things that interact with the OS, like file creation (and all the silly quirks of it on Windows), working with the registry, file system enumeration, basic networking stuff (WinHTTP vs WinInet vs WinSocks vs IpHelper).
Having a good understanding of these will make life a lot easier
Then when you feel really really comfortable and do silly stuff like that, then slowly introduce some malware stuff because a lot of malware stuff is just abusing the concepts described above
Also probably explore the Windows API and all the weird shit inside of it that isn't documented well. I also recommend reviewing ReactOS source code to get an understanding of what's going on under the hood
ReactOS isn't 1-1, but it's close enough
You should focus on things that interact with the OS, like file creation (and all the silly quirks of it on Windows), working with the registry, file system enumeration, basic networking stuff (WinHTTP vs WinInet vs WinSocks vs IpHelper).
Having a good understanding of these will make life a lot easier
Then when you feel really really comfortable and do silly stuff like that, then slowly introduce some malware stuff because a lot of malware stuff is just abusing the concepts described above
Also probably explore the Windows API and all the weird shit inside of it that isn't documented well. I also recommend reviewing ReactOS source code to get an understanding of what's going on under the hood
ReactOS isn't 1-1, but it's close enough
Windows unironically has a fuckin bazillion different ways to make files and work with them. Even understanding all of these different ways can be super beneficial
If I had the time, energy patience, and anime, i could make like a fucking 2 hour long documentary on YouTube just discussing file creation on Windows (from the user mode side)
• • •
Missing some Tweet in this thread? You can try to
force a refresh
