From the course: Ethical Hacking: The Complete Malware Analysis Process
Digging into rootkits
- [Instructor] Malware using the basic hiding and cloaking techniques can be detected by a knowledgeable investigator. Consequently, the more sophisticated attackers have developed techniques which install malware, not just as an application or process, but deep into the heart of the operating system. This kind of malware is known as a rootkit. A rootkit doesn't exploit vulnerabilities. It's designed to hide, operate, and carry out its mission using normal system functions. Similarly, a rootkit isn't a virus. It's an implant which exists in a target, but it doesn't by itself propagate. It can, however, be combined with virus-like code to enable propagation laterally once installed in a system. In order to deploy a rootkit, an attacker must first penetrate the target system and then use what is known as a dropper to install the rootkit, which it either carries as a payload or subsequently downloads. The job of the dropper is to check whether the rootkit already exists on the system…