This is Bangladesh's most advanced malware development training, built specifically for bypassing Windows 11 Defender (August 2025 update) without disabling any protections. You will learn how modern red teamers and APTs build in-memory malware that evades AMSI, ETW, SmartScreen, Defender Cloud AI, and behavioral detection engines.
Through 30 deeply technical classes, you'll learn manual PE injection, direct syscall loaders, reflective DLL injection, fileless persistence, and stealth exfiltration techniques.
Class 1: Visual Studio & WinMain
Class 2: Boolean in C++
Class 3: PE Header discussion
Class 4: Dynamic Link Library explained
Class 5: String functions in C++
Class 6: Windows Defender + EDR 2025 Internals
Class 7: Safe Malware Lab Setup
Class 8: PE Header Engineering
Class 9: Shellcode Development
Class 10: Resources of PE (.rsrc storage)
Class 11: Compilation and CL commands explained
Class 12: Loading program from text section
Class 13: Loading program from resource section
Class 14: Encoding payload with Base64
Class 15: Windows Defender bypass proof of concept
Class 16: Encrypting payload shellcode with AES
Class 17: GetProcAddress: dynamically fetching function call addresses
Class 18: Practically obfuscating function calls
Class 19: Donut position-independent shellcode generation
Class 20: XOR implementation on suspicious strings
Class 21: Hiding strings from Anti-Virus scans
Class 22: Process injection flow with diagram
Class 23: Finding process ID using undocumented structures
Class 24: Hacking Windows 11 with classic process injection
Class 25: DLL injection into another process
Class 26: Typedef and NTQuery thread finding
Class 27: APC injection and alertable state
Class 28: Traditional APC attack on LOLBins / processes
Class 29: Suspended state & Early Bird attack with Defender bypass
Class 30: Reflective DLL explained
Class 31: Reflective DLL: Stephen Fewer's theorem and code explained
Class 32: Reflective DLL attack and Defender security bypass
Class 33: Frankenstein new model explained
Class 34: Frankenstein attack redesigned
Class 35: Process Ghosting (Formal)
Class 36: Direct syscall
Class 37: Direct syscall integration
Class 38: AMSI v3 testing vs malware attacks
Class 39: ETW bypass test cases on real machine
Class 40: SmartScreen procedures (VHD / ISO trick)
Class 41: Cloud heuristic evasion
Class 42: Manual Import Table reconstruction
Class 43: AV bypass testing suite
Class 44: Command & Control (C2) development
Class 45: Implementing file stealer logic
Class 46: APT-style attack on a fully secured system
Final Exam
Project Submission