Automating Malware Development: A Red Teamer's Journey - Gian Demarmels
Gian Demarmels (Redguard)
Adversary simulation and red team operations play a crucial role in fortifying defences against
sophisticated adversaries. As defences get better and EDR systems are deployed everywhere,
malware development is becoming an important skill for red teamers.
Red teamers often need to develop custom loaders capable of bypassing these defences.
Developing a modern, customizable, and evasive loader involves multiple steps, which can be a time-
consuming and complex process. Often multiple existing malware techniques need to be combined
and adapted to the respective situation. This talk delves into my journey of automating malware
development to create loaders for red team operations and discusses the challenges I faced.