How to Create Trojans Using Powershell
Рет қаралды 688,066
Күн бұрын
@mannyislam1 2 жыл бұрын
I have a master's degree in Cyber Security and I can attest that your content is better than accredited universities.
@zSecurity 2 жыл бұрын
Glad to see that you like it 👊
@ogvgamer3378 2 жыл бұрын
bro know i am 11th class i will also do masters in cyber security
@metinaktor5383 2 жыл бұрын
Give your discord for the jobs. Thx
@royalsrivastava2079 2 жыл бұрын
so should i go for masters in cyber security after my bachelors in Ai&ML ? i will appreciate your opinion!
@mannyislam1 2 жыл бұрын
@@royalsrivastava2079 artificial intelligence and machine learning falls under data science. Cyber Security is very different from Data Science. If you do go for Masters, go something related to data science. If you want to demonstrate some cyber security knowledge, certifications will help you better than college.
@wtfdoiputhere 3 жыл бұрын
lesson learned, always go to properties to check files extensions and never click links or any media from ppl you don't know ty so so much Zaid always making original and interesting videos
@luan_dragonpro9669 2 жыл бұрын
or just enable file extencions
@WhiteHat-1337 2 ай бұрын
@@luan_dragonpro9669 True, I hate when systems try to simplify so much to users and end up hiding important information (file extensions, part of the URL, etc.).
@ldandco 3 жыл бұрын
This is the main reason why on Windows I always set the file explorer to view the extensions for all files. This way I know if what I am executing is a exe file or an actual file.
@zSecurity 3 жыл бұрын
There are ways to spoof the file extension too, already covered in our courses or lookup RTL override.
@MrRobot222 3 жыл бұрын
@@zSecurity Even Widnows Defender would still block it. Plus you can't email this to someone as any email provider would block it, so how do you deliver it?
@oo7posam581 3 жыл бұрын
@@MrRobot222 Recently the security has been increased... So manual is only option
@yuliyy__ 3 жыл бұрын
@@MrRobot222 Torrents
@MrRobot222 3 жыл бұрын
@ZcyberTech Antivirus would still block it
@nimira43 3 жыл бұрын
The best teacher / instructor ever. I'm enrolled on all your courses and your KZbin video tutorials are fantastic. Another of my favourite instructors on Udemy is Laz Diaz; he rates you very highly, saying you're a genius. Thanks for all that you do. Massive Respect
@anuragrsimha 3 жыл бұрын
Videos by Zaid Al Quereishi sir is a gem in their own form. Flabbergastingly, the course that I had completed is entirely different from what is in the scheduled syllabus prepared by the engineering university where I am pursuing a bachelor's degree.
@donhousam 3 жыл бұрын
does this payload passing Facebook security bot +WhatsApp?
@anuragrsimha 3 жыл бұрын
@@donhousam Could you consider elaborating? Your question seems to be quite unclear, I'm afraid.
@michaelodor6788 3 жыл бұрын
There is no video I don't learn from you.. you are simply the best
@mr_crapto 3 жыл бұрын
yep i agree with you buddy
@Yoghaaa 3 жыл бұрын
Couldn't agree more
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs :
@JayPatekk 3 жыл бұрын
So can somebody explain to me about what this guy does because I’m interested in this so called security defense trade but would this be under coding or just hacking
@wilwad 3 жыл бұрын
It’s these basic tricks that get users owned. Ordinary users just double click files and don’t know not to click random EXEs even with show extension turned on
@DariNewsTv 11 ай бұрын
youre my fav youtuber rn yove teached me alot , i wish i had money to buy your courses
@MrRobot222 3 жыл бұрын
Great video, but 4 points. 1. Any decent email provider will block this if you try to email it to them. So what delivery do you use? 2. Most people will have file extensions on and see it's an exe file and never open it. 3. any anti-virus will then block it, including windows defender. So this is pretty much useless unless your target is really, really, really stupid and has gone out of their way to make themselves vulnerable! 4. as you're hosting the files, forensic analysis will link it back to you. 😂 Still, giving the video a like for the PowerShell info, but this is a terrible way to do it.
@zSecurity 3 жыл бұрын
I did say its a quick and dirty way of doing it. All points you mentioned are valid but can be addressed and bypassed by this very Trojan, the video will turn into a full course if I do that though
@Saint_sheedy 3 жыл бұрын
So how would you go about it ??
@MrRobot222 3 жыл бұрын
@@zSecurity Please don't get me wrong. I've done 2 of your courses and really enjoy your content. As I said, the powershell side is useful. Just creating a FUD backdoor these days is getting harder and harder. Veil, FatRat, Empire, Shikata ga nai are all becoming detectable by both email and AV. It can be done, just takes so much more effort these days! 😊
@cyyborgg 3 жыл бұрын
@@MrRobot222 Did you successfully make any undetectable backdoors yet? I tried myself but I failed miserably 😂😂
@MrRobot222 3 жыл бұрын
@@cyyborgg I've made several backdoors through various obfuscation techniques, but all detected, even by windows defender and the various email clients. I'm learning python with the hope of writing my own as this could be the only way forward.
@shellbng 3 жыл бұрын
one of the best teacher zaid sir💯💯💯💯
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@128bytes8 2 жыл бұрын
that is the most barebones POC of a botnet ever. Very cool. Like the reverse shell code. Keep up the great work.
@mastaghimau 3 жыл бұрын
Very nicely explained Zaid... Thanks a lot for your sharing....
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@aitboss85 3 жыл бұрын
If the user has enabled in the display option to view file extensions, they will notice easily it is an .exe file...
@Gareth1892000 3 жыл бұрын
Yes, this is just a basic tutorial, and the method is used only with social engineering (where you trick other to click it). Otherwise, if you could write trojan and implement it purely in jpg/png file without exploit the user programme reader easily, the world security would be doomed.
@aitboss85 3 жыл бұрын
@@Gareth1892000 what program are you using to gain control over victims?
@musshare 3 жыл бұрын
most users arent critical
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@kastakastakasta2933 3 жыл бұрын
@@Gareth1892000 kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@uzi5998 3 жыл бұрын
I bought your Udemy courses sir, ngl your explanation is the best.
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@technical_Insight 2 жыл бұрын
Hello bro
@technical_Insight 2 жыл бұрын
Can you share the course with me please
@einsteinwallah2 3 жыл бұрын
you should now do a video on how to prevent being victim of such attack or detect if you are already attacked and how to prevent its consequences
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@Malisha_Rasiru Жыл бұрын
SSuperb Bro I have Ever Seen such a clear explanation 🤝
@picku4486 9 ай бұрын
Dear Fbi, I'm here for educational purpose only!
@copyright-pw8bz 7 ай бұрын
No way same
@kabandajamir9844 3 жыл бұрын
Good explanation sir
@manavgora Жыл бұрын
Wow that was an amazing practical, i am very impressed and i subscribed
@blackdevil5962 3 жыл бұрын
sir i like your intro.. very well.
@James-c8m8x Жыл бұрын
Keep up the good solid work! I enjoy your content because it answers the questions that I have. Great job!
@SagarNunia-md4wn 11 ай бұрын
how I am gain the interface as shown in this video???
@beloaded3736 3 жыл бұрын
Thanks Sir Zaid. Jazakallah khair.
@lingehmuhamed5718 Жыл бұрын
please what tool are you using to listen for incoming connection? the interface is awesome please help me with it if anyone has an idea of the tool.. the video is great i'm recently following some of your videos in udemy it's great keep up with the good work.
@josinjojy4268 3 жыл бұрын
Please make a video on how to create an undetectable backdoor with C /C++ or assembly language
@shahiduae100 3 жыл бұрын
Dear Zaid No Doubt you are the best and first on Udemy I had already purchased and learned a lot from your series of Ethical hacker I would like to ask you if you could suggest it make video on parental care spyware Which is useful... God bless you
@coolcool1003 3 жыл бұрын
Why doesn’t you just use the curl command from batch instead of the powershell command ?
@fletchedfps 3 жыл бұрын
windows doesnt read bash tho right?
@coolcool1003 3 жыл бұрын
@@fletchedfps I had no problems so far with batch and the curl command
@zerobyte536 3 жыл бұрын
@@coolcool1003 I was wondering same thing, I mean I did not test it, but would think that would be better also would work in non windows machines, well cant change to exe but still
@merl7972 3 жыл бұрын
@@fletchedfps This used to be true, but since Satya Nadella took over microsoft in 2014, they've worked to incorporate a ton more linux into windows. curl works from command prompt in modern versions of windows, but not old ones to my knowledge (don't have a copy of win7 laying around atm).
@MrSavindrasingh 11 ай бұрын
That's why I always use "Show > File name extensions" as a default setting
@samislam2746 3 жыл бұрын
This technique is old and well known. What I'm looking for is an answer to my question, *is it possible to have a backdoor inside a pure png/jpg file?* What you have shown is actually an EXE file, and not an image
@reddixskrull2451 3 жыл бұрын
Of course you can hide code of a backdoor inside of a pure PNG but it won't be executed because of the way pictures get handled.
@samislam2746 3 жыл бұрын
@@reddixskrull2451 What if there was a vulnerability in the picture viewer program? I've read many times about vlc media player that it has been a security hole exploited by hackers through out the history
@reddixskrull2451 3 жыл бұрын
@@samislam2746 yes that probably can be possible but it would be difficult to find such a vulnerability and at least to my knowledge there aren't any vulnerabilitys like that around. I mean ask yourself is it possible to infect a computer with opening a txt file with Editor? Probably not because of the capabilities of the file and Editor itself (i mean the windows standard text editor)
@samislam2746 3 жыл бұрын
@@reddixskrull2451 it all depends on the purpose, for example, hackers can exploit a vulnerability in a video player like vlc to de-anonymize users hiding behind vpn or Tor. Since vlc is capable to search for available subtitles of the video being played online. and as u know, vlc is a networking application, it has the permission to scan the local network and to send internet requests too. There was a trick that I read one time about, which is you might find a ping request inside a subtitles file. The video player might be reading and consuming the input from the subtitles file in a vulnerable form, which leads to a direct internet request holding the actual ip of the victim sent to a particular service of the hacker.
@samislam2746 3 жыл бұрын
and that's the most stupid thing I did today. and you're right, it all depends on how the picture is being handled. also it's rare or maybe a completely garbage discussion because I don't believe there would be an idiot programmer like that
@jeanemeryenoga9949 Жыл бұрын
This is your best tuturial for ever. Thanks à lot master. 👏👏👏
@kbto 3 жыл бұрын
Very informative, you earned a subscriber
@grey1185 3 жыл бұрын
I took the courses Zaid offers. They are really great and its wonderful to see you making great content
@jeremycheong8036 3 жыл бұрын
I bought your course. Can’t wait to start learning! 🤟
@zSecurity 3 жыл бұрын
Hope you enjoy it!
@amaanquadri2901 3 жыл бұрын
Zaid sir taken your 11 udemy courses love form India
@decoder6878 3 жыл бұрын
Nice video and awesome courses. I learnt a lot from your courses.
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@charliecrane253 3 жыл бұрын
Great video, obviously you would need to obfuscate your reverse shell so Windows defender doesn't catch on
@fletchedfps 3 жыл бұрын
id love to see an up to date tutorial on how to bypass av with obfuscation
@muaviyaharsalan4414 3 жыл бұрын
@@fletchedfps same, honestly I've seen a bunch of videos but not one of them works
@scp-burgerking658 3 жыл бұрын
There is no point in obfuscating code. Obfuscating just makes it harder to read for humans. AV’s can un-obfuscate (beautify) codes in matter of miliseconds
@muaviyaharsalan4414 3 жыл бұрын
@@scp-burgerking658 what about encrypting?
@scp-burgerking658 3 жыл бұрын
@@muaviyaharsalan4414 Yep, thats what you’re looking for
@Jaiswalkatul 3 жыл бұрын
The moment you execute Invoke Expression , any EDR solution will detect and block it
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@Mindflayer86 3 жыл бұрын
Can't... resist... THUMBNAIL!!
@johnsam3240 3 жыл бұрын
Nice one but what about windows defender or any other antivirus detection??
@aussieraver7182 2 жыл бұрын
Plot twist: The tools he downloads from the internet gives you Trojans. Jokes! Great tutorial, I learnt heaps!
@cryptolicious3738 3 жыл бұрын
better use a firewall n a/v . avg wont let apps connect unless they have an entry in the firewall...right?
@hadicrecket 3 жыл бұрын
Sir your videos are very good i watch your every video and get a lot of knowledge from it Sir who are you, show us by making another video in which tell how we can find free internet and free host find for free sim Internet
@dhavalsuthar1 3 жыл бұрын
Sir !! You are great 😊
@postmahtoast2736 3 жыл бұрын
This guys so good, I feel compromised by watching this video
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs :
@RalphFarah-r1q 10 ай бұрын
how do you build the connection between the code and kali?
@Atreus21 3 жыл бұрын
That's a hell of a thumbnail sir.
@tojabdhei4881 2 жыл бұрын
Very useful bro ❤️
@robingood2493 3 жыл бұрын
Of course its exe in the final or I would scary) Useful for a few type of things maybe. Not for main cases of course.
@karkantas 3 жыл бұрын
I need the url for the video that shows how to set up empire
@ytshplays1785 10 ай бұрын
same bro same
@DavidParathyras 2 жыл бұрын
I really like how you call the letter 'z' with its real pronunciation and not the American one
@GabrielNixon-Cullers-h2z 6 ай бұрын
found the Br*tish "person"
@SherinSunny-rj3py 3 жыл бұрын
Hi zaid I am one of your students who enrolled in all of your courses which are totally best for beginners as well as , you explain complex topics in simple format so a request please make a course on "Learn Ethical Hacking and C programming from scratch " as well as "Learn software Ethical Hacking " Awaiting for your response With regards
@einsteinwallah2 3 жыл бұрын
sherin what is the difference between "Learn Ethical Hacking" and "Learn software Ethical Hacking"?
@davidhuh8723 3 жыл бұрын
First thing I thought about is to rickroll a friend 😂
@zSecurity 3 жыл бұрын
🤣
@telo6739 3 жыл бұрын
Will a good antivirus alert you? I'm worried about downloading torrent videos now lol
@jamesrushforth1026 2 жыл бұрын
So cool mate never seen anything like it can this be used on phone too iphone or android the newer ones???
@juniorpillay 3 жыл бұрын
Can you show us without using empire or even Metasploit because using these frameworks are other people's programs doesn't teach us much but I do appreciate all your effort
@harshavardan9054 3 жыл бұрын
Hey I have a doubt when the victim clicks in that image will if trigger the Security malware of the victim or it does not
@praveenmalik8066 3 жыл бұрын
which tool you are using to get reverse connection? is it metasploit???
@zSecurity 3 жыл бұрын
No, powershell-empire
@0xazyz897 3 жыл бұрын
Amazing video Zaid, Thank you!
@SouzieQ 3 жыл бұрын
So this tutorial is also on your Learn Python & Ethical Hacking From Scratch course?
@zSecurity 3 жыл бұрын
No it's not, that course shows a better method
@SouzieQ 3 жыл бұрын
@@zSecurity ok thank you
@RanaMSikandar 3 жыл бұрын
Do you think it will pass throw windows defender. Mostly bat to exe are caught by windows defender
@anonymous4911 2 жыл бұрын
Any Video to the kali machine he uses?
@AndrewDinoshan Ай бұрын
Should I use Kali Linux to take control of a person using this executable image?
@d_faceedit3419 Жыл бұрын
i love this video but i already know this method and yeah that's great to see that because this same method i think and make a prototype of it and it work properly also implement in ms excel that download file from internet using cmd then run that file and perform the hacking after this it upload all the data to cloud really a great video for those who are learning
@daveodie1575 2 жыл бұрын
You are simply the best!!!
@Azurerok Жыл бұрын
i sent a 4 zettabye trojan to my professor labeled "science project" his CPU was fried, thank you! (joke)
@matze86hh 2 жыл бұрын
1:34 the Hand is great 😂
@bransensible1829 4 ай бұрын
I have a few questions: 1. Does the file extension show as ".png" or ".exe" ? 2. Will windows defender block it if I click on that image file ? 3. If I run that file and you controll my PC, are there any ways that I can stop that? Changing ip address or something?
@SashikaSandeepa 3 жыл бұрын
but it is a executable file. So victim who know about basic about file extentions immediatly identify the threat. But most users dont care about file extentions. they only look at icon.
@tumon1237 3 жыл бұрын
Hello Zaid, I am your big fan.I am eagerly waiting for a cyber security course from you. I know you are truly knowledgeable at this sector...
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@igor-kostelac Жыл бұрын
Where can I find this hand pointer that you use in your presentation? Thank you
@goatedggwp 3 жыл бұрын
There is one problem that is all those backdoors that we made are easily detectable by Windows Defender Is there is a backdoor that is not detectable? Thanks.
@zSecurity 3 жыл бұрын
Yep there are a number of ways to bypass WD, this is just not the topic of this video, it is covered in a different video in the channel.
@Mohta69 3 жыл бұрын
The video is great as always but the thumbnail is misleading.... (No hate) :)
@CoryResilient 2 жыл бұрын
Do you have a course to bypass defender now in 2022 using this or similar methods. And is it possible to use veil powrshell bat to exe like your old video. Do the edits to the power shell options then encrypt the string even further to bypass defender now
@BATMAN78737 10 ай бұрын
Salam Brother are this works for iphones or androids phones thanks for reply
@betssonperu6883 3 жыл бұрын
You are the best keel going
@robinbijo 3 жыл бұрын
@zSecurity this is in case of an exe file,people will know that this is not an image file rather it is an exe file,so how can we make a backdoor behind an image?? Also how do you do it for a pdf file?
@princynoob5649 2 жыл бұрын
Does it work on Android
@joele2857 3 жыл бұрын
Thank you sir!!
@faisalfarooquee 3 жыл бұрын
Me Waiting long for new videos from Zaid.....finally...let's hack legally!!! 👨💻
@milessw1594 7 ай бұрын
Nice vídeo 🎉❤
@CthRage8946 6 ай бұрын
Don't get me wrong! PowerShell Empire/Starkiller servers are good but how do you evade Windows Defender? Do you use the C2 framework like sliver's implants?
@lenovothinkpad9475 3 жыл бұрын
Thank you so much AS YOU CAN SEE
@Wenedi 3 жыл бұрын
Me: watches hacking videos My mom: 👀
@AwesomeCaden73 3 жыл бұрын
What was the bat to exe file converter you used? I couldn't find the link.
@e343io 3 жыл бұрын
Will it bypass win defender or you have already turn off ur win defender then have start ???
@DavidVanMosselbeen 3 жыл бұрын
Disable Windows Defender, uninstall the antivirus, uninstall Chrome, and install Windows XP. And then you're (un)safe :-D All these tools are blocked, even hashed stuff. These days you almost need to be able to write you own backdoor from scratch. And even then, some systems are so smart enough to even detect some suspicious programming functions you use in your custom made backdoor. Our Windows systems are very secure, very very well actually. GNU/Linux seems actually the most easy to hack these days. Not safe at all, even what others proclaim
@user-po7cm3nr7p54 3 жыл бұрын
@@DavidVanMosselbeen Windows is safer to guard against malware becuz of the built-in antivirus. If without antivirus programs on Windows, there are way more exploits on Windows compared to Linux.
@jvintsol2 3 жыл бұрын
Everybody knows not to double click an .exe file. I never use virus software. All you have to do is be aware of fake sites or files that have the wrong extensions.
@velo1337 2 жыл бұрын
tldw: make an EXE File and change the icon. this is not an image backdoor
@chriscjjones8182 2 жыл бұрын
Why not just use the dos copy command with the b option? That way you have an actual image file not an exe and the image opens as normal but still runs the batch file as well. Very old technique now yes, but I'm asking is there a reason not to do it that way?
@SagarNunia-md4wn 11 ай бұрын
ok, then what to do as your opinion... please tell me simply..
@KhanKhan-mr7ww 3 жыл бұрын
Sir, Can we hope for new course? If yes what is it?
@zSecurity 3 жыл бұрын
New book coming soon but the course might take a bit longer :)
@timinamen1217 Жыл бұрын
Actually thought that this video was a ad bc of the thumbnail
@muhammed-aldulaimi 3 жыл бұрын
Youre assuming that a user would execute a .bat file, mistaking it for an image, which is very unlikely.
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
@lillythefox21283 3 жыл бұрын
How do you get past the Microsoft dangerous file popup (I think it needs a code signing certificate)
@zSecurity 3 жыл бұрын
Yep
@luismarrero9293 3 жыл бұрын
great tutorial. Always didactic and a lot of learning .Thanks
@Мистер-ю6й Жыл бұрын
that one me making a system speed destroyer using a loop forkbomb with a red color skull art too in a batch extension file:
@shortgod8846 2 жыл бұрын
Does it work on Android ?
@zSecurity 2 жыл бұрын
No
@shootingpoint8427 3 жыл бұрын
Zaid is rocking now
@sudopower-hq8xd 4 ай бұрын
Thanks for this sharing your knowledge with Us you made hacking looks so easy My Window Defender was able to pop up and "say Microsoft Defender Antivirus did not find any threat since last summary . " I I'm trying to scan my Window 11 . But at the first time my windows defender popped up 15:36
@theethicalhadwani4091 3 жыл бұрын
Already covered in mr zaid's social engineering and ethical hacking cources I personally recommend them great for beginners! ❤️ And one more thing Was the thumbnail a click bait?😂 If yes well done 😝😂
@StreamPlus360-BR Жыл бұрын
Maravilho! I loved it
@MacronLacrom Жыл бұрын
So you make a bat file with those commands then you use another program to change the icon?
@meghrajjare5988 3 жыл бұрын
But I have a question...... We can still see the extension as an executable file and any guy who is used to computers won't open it... Is there a way to get around that so that the file extension doesn't show in the explorer?
@squidssh 3 жыл бұрын
there is no way to do that without already having accese to the machine,if someone has file extensions enabled you cant turn it off without having accesse
@kastakastakasta2933 3 жыл бұрын
kzbin.info/www/bejne/bZe5YpKcZc6jmbs
That Little Puff
Рет қаралды 24 МЛН
Kate Brush
Рет қаралды 45 МЛН
GhostStrats
Рет қаралды 586 М.
That Little Puff
Рет қаралды 24 МЛН