lsecqt/BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero

BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero

Welcome to our workshop!

We hope these materials will be useful for your own Red Team Operations and for all cybersecurity specialists, from entry-level to professionals.

Setup scanner application

The scanner is a web application which allows you to upload any .exe file and test it against Windows Defender. Currently this is the only AV it supports.

If the uploaded file is not flagged, the scanner will automatically execute it.

The project integrates code from AVRed. You can read more about it here: https://github.com/dobin/avred-server

Tested Environment

  • Windows 10
  • Python 3.12

Installation process

  1. Download the repository
     git clone https://github.com/lsecqt/BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero
     cd BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero
  2. Install required packages
     pip install -r requirements.txt

From this point on you should be good to go.

Running instructions

After you have completed the installation process, you should be able to run the application with:

python app.py

All uploaded files are stored in the uploads folder.

Make sure Windows Defender is turned on at all times.

Important note

If you encounter problems while uploading and analyzing files, try excluding the uploads folder from Windows Defender (this will NOT stop the application from working).
