//////////////////////////////// resources /////////////////////////////////
github repo : https://github.com/Ximoxkil547/undete...
yara description : https://yara.readthedocs.io/en/stable/
/////////////////////////////// description ///////////////////////////////
in this video we showcase how to bypass windows defender: we take a reverse shell written in c++ from github and make it undetectable based on what we learn in the video.
we are going to learn about windows internals, windows api functions, how to use the socket library, how windows defender works, what obfuscation is and how it works
Windows Defender bypass
Reverse shell creation
C++ reverse shell
GitHub reverse shell
Malware development 101
Undetectable reverse shell
Windows internals
Windows API functions
Socket library usage
Windows Defender detection evasion
Obfuscation techniques
Obfuscation methods
Understanding obfuscation
Windows security bypass
Anti-virus evasion techniques
Malware evasion tactics
Hacking Windows defenses
Reverse engineering Windows
Cybersecurity bypass techniques
Exploiting Windows vulnerabilities
Bypassing antivirus software
Avoiding detection by Windows Defender
----------------------------------MENU----------------------------------
00:00 - intro
00:28 - plan of the video
00:48 - what is win defender & how it works
01:10 - static analysis (signature detection)
03:03 - checking for imports
03:29 - entropy
04:01 - dynamic analysis
04:41 - simple reverse shell from github
04:51 - exclude the github reverse shell from windows defender
04:56 - the tools we are going to use
05:20 - explaining the simple reverse shell
05:46 - what the hack is a windows socket
07:16 - getting back to code
09:55 - running the first part of the code
10:15 - starting the cmd process
11:58 - running our reverse shell
12:44 - why windows defender detects us
13:03 - what is obfuscation
13:31 - create the obfuscation function
14:35 - creating the getoriginal string function
14:47 - the question that will come to your mind
15:12 - loading the library at run time
15:44 - calling the functions from the loaded library
16:19 - the final version of our code
17:11 - the import address table
17:53 - explaining one part
18:38 - running our obfuscated shell
---------------------------------------------------------------------------------
The content in this video is for educational purposes only. We do not promote or condone any illegal activity or hacking without the expressed
written consent of the target. Any actions taken by viewers based on the content of this video are solely at their own risk, and we will not be held
liable for any damages or legal consequences that may arise.