Ch0nkyLTD/linux-malware-course-public

Linux Malware Course

Fall 2025

Advanced OS: Payload Creation: Three Easy Pieces

  • This is the public repository for the course listed as Advanced OS

Brief

This hands-on seminar course introduces students to the fundamentals of offensive cyber capabilities development. Through a scaffolded, three-part curriculum, students will design and implement a multi-stage implant targeting a bespoke sandbox environment. The course culminates in a capstone project where students will have developed a comprehensive capability to gain initial access, execute a payload, and exfiltrate critical data in an operationally secure manner.

Course snapshot

  • Duration: 10 weeks. Studio plus lab.
  • Modality: Mix of in-person sessions with remote-friendly repos. Required lab section every week.
  • Pace: Three parts. Weeks 1–3 IO. Weeks 4–6 payload creation. Weeks 7–10 execution and injection.
  • Capstone: Capability targeting a custom sandbox

Capstone

  • While there will be periodic programming assignments, students will spend the bulk of their time creating capabilities that allow them to exfiltrate data from a custom application.
  • As the course progresses, the countermeasures in place will become more robust.
  • The final environment will require a multi-stage capability that is able to exploit vulnerabilities in the application to downsample and exfiltrate data from the target system.

Getting Started

  • All notes, assignment READMEs and extra content are contained in the ObsidianVault directory. To open this, please download obsidian.md.
  • Navigate to ObsidianVault/GettingStarted.md and follow the directions there.
  • Please note that while all the files in the Vault are markdown, they are rendered differently on GitHub than they are in Obsidian.
  • Please make sure to carefully follow the directions.

Contact Me

Questions or comments? Feel free to reach out on Discord:

@k111b222s333e444c555
Remove the numbers :-)

Bribe Me

Like the course and want to express your gratitude? In lieu of payment, show your appreciation by

    1. hiring one of my many wonderful students
    2. sending a student to a security conference
    3. giving a talk
    4. buying us pizza :-)

Acknowledgements

  • Special thanks to Ari, Leo and Wayne for making the first iterations of this course happen
  • Dedicated to Mike Murray. Without you, I wouldn't be where I am today.

About

aarch64 Malware course
