DSO1: Malware Dev Training

Review of the Dark Side Operation: Malware Dev Training from Silent Break Security

Introduction

I had the chance to attend the DSO1 training in June 2020. I missed the online training that was offered at NorthSec 2020 because it sold out pretty fast. However, I had the opportunity to attend the online version the following month. Some of the subjects in the training content caught my attention, and this is why I chose to take the training. The content of the training included, but was not limited to, the following:

  • Host evasion

  • Persistence

  • Process and Remote Injection

  • Shellcode Conversion

  • etc.

From their website the training description is:

“Dark Side Ops: Malware Dev” focuses on the goals, challenges, architecture, and operations of advanced persistent threat (APT) tooling. Participants will dive deep into source code to gain a strong understanding of execution vectors, payload generation, automation, staging, command and control, and exfiltration. In addition, participants are given hands-on experience with black hat techniques currently used by hackers to bypass NIDS and HIPS systems, layer 7 web proxies, “next-gen” antivirus, and DLP solutions.

My background

I'm a security consultant for a large telecommunications company in Canada, and we do web and network pentesting and red teaming. I'm not an expert in payload, tooling or malware development in Windows environments, and during some engagements I realized that I was lacking in those fields. Security software is evolving a lot, and basic tools get detected pretty easily if you don't customize them. It is also a lot more fun when you understand what's going on behind these frameworks and understand the concepts more deeply. I have some basic knowledge of C and C++. My favorite programming language is Python, and it was useful for this training since they use Python for the server.

Review

Overall, it is a really great training from Silent Break Security. I'm happy that I took this training because it's not only a 2-day training, it's a continuous training. They give you all the material you need to continue, improve and customize the RAT. Before taking the training, I would recommend having basic knowledge of coding; the programming language doesn't really matter. The training is really like a workshop, and they guide you the whole time. I took the online training because of the current situation, and it was handled really well on Zoom. In total, there are 11 chapters, and each chapter comes with a presentation explaining the details. The only negative point I have is that there is a lot of content in a short period of time. However, you can still refer to the material after the training, and I think that was the goal of the program.

That being said, if you'd like to know more or have any questions regarding the training, feel free to reach out to me.
