BSidesLuxembourg 2026

cocomelonc

cybersecurity enthusiast, author, speaker and mathematician. Author of popular books:
MD MZ Malware Development Book (Github, 2022, 2024)
MALWILD: Malware in the Wild Book (Github, 2023)
Malware Development for Ethical Hackers Book (Packt, 2024)
AIYA Mobile Malware Development Book (Github, 2025)
Malware Development for Ethical Hackers 2nd edition (Packt, 2026, in progress)
Author and tech reviewer at Packt.
Co-founder of various cybersecurity research labs, author of many cybersecurity blogs, HVCK magazine
Malpedia contributor
Speaker at BlackHat, DEFCON, Security BSides, Arab Security Conference, Hack.lu, Positive Hack Talks and other conferences


Sessions

05-06
09:00
540min
Malware Development for Ethical Hackers (Windows, Linux, Android)
cocomelonc

Whether you are a Red Team or Blue Team specialist, learning the techniques and tricks of malware development gives you the most complete picture of advanced attacks. Also, because most (classic) malware is, as a rule, written for Windows, this gives you tangible knowledge of developing under Windows.

The course will teach you how to develop malware, including classic tricks and tricks of modern ransomware found in the wild. Everything is supported by real examples.

The course is intended for Red Team specialists to learn in more detail the tricks of malware development (also persistence and AV bypass) and will also be useful to Blue Team specialists when conducting investigations and analyzing malware.

The course is divided into four logical sections:
- Malware development tricks and techniques (classic injection tricks, DLL injection tricks, shellcode running)
- AV evasion tricks (Anti-VM, Anti-Sandbox, Anti-disassembling)
- Persistence techniques
- Cryptographic functions in malware development (exclusive)
- Malware Development for Android and Linux (bonus)

Most of the examples in this course require a deep understanding of the Python, Kotlin and C/C++ programming languages.

Knowledge of assembly language basics is not required but will be an advantage.

Workshops and Stage - Gernsback (C1.05.02)
05-07
09:00
35min
AI and Cryptography for Evasive Malware
cocomelonc

As AV/EDR systems evolve to detect behavioral anomalies, offensive tradecraft must adapt beyond static obfuscation. This talk explores the convergence of Artificial Intelligence and advanced Cryptography in the development of next-generation evasive malware. We will move past traditional packing techniques to examine how lightweight LLMs and cryptographic primitives can be integrated directly into the malware lifecycle.

You will gain insight into:
- AI-Driven Polymorphism: Utilizing embedded or cloud-based AI agents to dynamically rewrite logic and variable structures at runtime, rendering signature-based detection obsolete.
- Cryptographic Context-Awareness: Implementing environmental keying and mathematical "logic locking," where payloads remain cryptographically sealed until specific environmental conditions (verified by AI logic) are met.
- Entropy Reduction: Techniques to make encrypted payloads statistically indistinguishable from benign data or natural language using AI-generated steganography.

This talk bridges the gap between theoretical mathematics and practical weaponization, demonstrating how free, open-source AI models can be weaponized for stealth, and conversely, how defenders can prepare for the age of "thinking" malware.

AI Security Village
IFEN room 2, Workshops and AI Security Village (Building D)