Build-Your-Own-Ransomware: Hands-On Offensive and Defensive Insights

Slides:

Part 1

Exercises

Time to Write Your Own Ransomware

Implement hybrid encryption
- Master + Ephemeral Keys
- Encryption + Decryption
  - String - one program
  - File - one program
  - File - two program
File System Enumeration
- Depth or Breadth First Search
- Print out the files you discover
- Realize then you want to skip certain folders

Applying Evasion

Review the references and slides
- Apply the techniques to your ransomware

Examples:

Different encryption strategies
File System Enumeration (not DFS/BFS)

References

ransom-osx

macOS (Go)

BYOR Demo

Different Encryption Algorithms
Different File Discovery Strategies
Different Encryption Strategies (partial/blocks/full)

Conti Ransomware

Windows (C++)
Source Code Analysis Video: (https://youtu.be/SGbhqwXB-GU)

Babuk Ransomware

EXSI (Golang)
Nas (C)
Windows (C++)

Windows Ransomware Detection

Slides: https://github.com/rad9800/talks/blob/main/windows-ransomware-detection.pdf

RansomFS - Ransomware Detection

Detecting Ransomware using the Projected File System

BootExecute Ransomware

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
bootexecute		bootexecute
byor		byor
ransom-osx		ransom-osx
slides		slides
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

Build-Your-Own-Ransomware: Hands-On Offensive and Defensive Insights

Exercises

Time to Write Your Own Ransomware

Applying Evasion

References

About

Uh oh!

Releases

Packages

Languages

jfmaes/byor

Folders and files

Latest commit

History

Repository files navigation

Build-Your-Own-Ransomware: Hands-On Offensive and Defensive Insights

Exercises

Time to Write Your Own Ransomware

Applying Evasion

References

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages