
Explore an introductory red team course covering primers for payload development and evasion. Learn to access the Windows API and syscall techniques in 64-bit environments using Visual Studio and x64dbg.
Explore declaring and updating variables with explicit types or var type inference, including integers. Understand arrays and structs: create with new, access elements by index, and use default values.
Explore the Portable Executable format, memory layout, and how .NET assemblies run under the .NET runtime, covering sections, memory addresses, handles, processes, threads, and in-memory shellcode.
Explore dynamic invocation in C# by loading DLLs, resolving exports, and invoking them via delegates with an object array. Hooks on the API can still detect these calls.
Explore manual mapping by loading a DLL from disk into memory, handling relocations and export forwarding. Demonstrate dynamic invocation to execute exports and avoid hooks with a shellcode loader.
Explore indirect syscalls and FreshyCalls, adjusting registers to return to a DLL memory region and jump to a prepared stub for code execution in userland.
Interested in working with the Windows API? Do you like C#? Want to learn how to harness the functions that you'll need to create your own payloads? This is the course for anybody who said yes to any of the above. Getting into red team payload development isn't easy; while there are a lot of extremely technical and educational resources accessible, it's hard to get started. My journey began with C#, so I have curated the things I've learned in the form of this course to help streamline the process of getting into payload development. The goal is to get all of these techniques/concepts that you might have heard before and have their usages, benefits, and drawbacks make more sense.
Why C#? C# is a nice language to get started with, especially with a weak or no programming background. The syntax isn't extremely difficult, and it has some pretty powerful capabilities which we will explore in this course. Its usages go beyond just working with the Windows API, but that will be the focus of this course. The material from this course may be applicable to payload development in other languages too; while the language is C#, most of the concepts aren't exclusive to the language.