I can't find the theme, could you give me the link for it

if possible could you please also cover these videos in rust?

i appreciate that so much! thank you :')

I thought I was crazy for thinking that too. Something about the way he explains things just works for my mush-brain.

agreed! it's also just a lot of fun to see how everything comes together! thank you so much for commenting!

thank you so much! that's so kind of you

ILY LEGEND

it's my pleasure! thank you so much for commenting

thank you so much!

aw thank you so much, that's so heartwarming to hear

ILYT THANK YOU TRINTLER, SAME TO YOU HOMIE

@@crr0ww I was and i'm always wondering - why theres 0 content like this for linux?

@@gregandark8571 well, windows is the most popular platform that people use, so it's natural that most malware is made for it! that isn't to say that there isn't malware for linux, there's a lot out there too (some really really cool techniques as well!) dont worry, i have something planned for linux-based malware development too :) all in due time. thank you so much for commenting!

@@crr0ww Awesome!

HAHAHA i'm glad to hear that xD thank you so much for commenting

IM ALIVEEEE

thank you so much!! :D it's called "DinaRemasterII"

THANK YOU SM LOVE

LMAOOO

well, you could make your own shellcode (which is recommended, but for beginners might be too difficult at first) or you could use a shellcode-generating tool, the most popular of which is called "msfvenom". although, be warned that msfvenom has been heavily scrutinized and documented so pretty much all of its shellcode will get caught by windows defender. now, you could get past this by encrypting the shellcode, or for this example, since we're not doing anything malicious, you can set an exclusion path for windows defender so that your program can run and not get thanos snapped out of existence. hope that helps

@@crr0ww could I make an exe that starts calculator with system(“calculator.exe”) then try to get the bytes from a disassembler? Btw, I got into this with game hacking stuff like assault cube and your channel now has gotten me into the more general area of malware. I like how you present the information in an entertaining way instead of speed running code with subtitles. Really makes it enjoyable 👍🏼.

はい！そうですね～ peppiさんの日本語本当に上手ですね。：）コメントありがとうございます！

!!!!!!!!!

thank you so much!

if it's something you care about (i.e., you don't want to get signatured, taken apart, and analyzed), then yeah, don't upload your malware to virustotal. VT will share these samples for the sole purpose of taking it apart and documenting it. it says the following in their historic privacy policy statement: "We share the raw data underlying Samples uploaded to the Services as well as information relating to the submitter (ciphered ID, city, and country) of the Sample, as follows: With our security partners. When you upload a Sample to VirusTotal in order to receive a report about the potential maliciousness of its content, we store it in the Corpus and share it with our partners in the anti-malware and security industry. Partners that participate in VirusTotal are bound by contract to only use the Samples for internal security purposes in compliance with our Terms of Use to detect malicious code and to improve their antivirus engines. All partners receive Samples that their antivirus engines did not detect as potentially harmful if the same Sample was detected as malicious by at least one other partner’s antivirus engine. This information sharing helps correct potential vulnerabilities across the security industry." tl;dr if you care about this malware, something you made for engagements and you want to increase its shelf life, don't upload it to VT. there are alternatives that you can upload your malware to, to see what defensive solutions get triggered by your malware which i can't remember off the top of my head unfortunately, but yeah! i hope that helps! :D

@@crr0ww thanks for the input. How risky is it to upload it during the development phase? Any tips on how to test the effectivity of your malware?

Not DIRECTLY. There are certain NTAPI functions (as talked about in the video) that don't actually result in a syscall/int 2eh/sysenter instruction. Those NTAPI that do however, will end up invoking these instructions. so, when we call an NTAPI function, yeah, we will eventually have it perform a syscall, but we're not using syscalls directly, moreso transitively using them through the NTAPI. Using syscalls directly/indirectly is going to be main focus point of the next video, but just remember that when we use syscalls, we're ushering them out directly (typically through our own defined assembly stubs) and not having the NTAPI do it for us! Hope that helps! :)

DinaRemasterII

SHIT I'VE BEEN MADE

Zero (dark theme)

@@crr0ww thank you crow

:GASP: !!! xD tysm for commenting brother

@@crr0ww

happy (late) halloween!!

[crow's rat WILL remember this]

it's called zero (dark theme): marketplace.visualstudio.com/items?itemName=AgitoReiKen.zerovstheme

appreciate it so pleasing on the eye @@crr0ww

nvm

sure, it's called "DinaRemasterII"

idk why it only typed out thanks im gonna cry

haha maybe one day, brother

hola! thank you for commenting