
John Hammond Interviews Cybersecurity Expert David Schllo on Malware Development and Red Teaming
In this video, John Hammond interviews David Schllo, a cybersecurity expert and former special cyber operations operator for the United States, about Windows malware development and red teaming techniques. The discussion centers on the Windows Malware Development (WMD) courses David has created, his upcoming projects, and his view of the current cybersecurity landscape.

David explains that the WMD courses teach the basics of malware development with a different approach from traditional courses. Instead of relying on text, the courses are entirely video-based and interactive, so students follow David step by step, including when he makes mistakes. This humanizes the development process and helps students understand not only how certain techniques are used but also why. The goal is to give students enough understanding to improvise and build tooling that evades detection by antivirus (AV) and endpoint detection and response (EDR) solutions.

David shares his view that creativity matters more than complexity in malware development. He mentions simple yet effective techniques, such as basic encryption schemes like the Caesar cipher, which can sometimes fool even advanced security systems. He also emphasizes the importance of understanding sandbox environments and their evasion techniques, such as measuring CPU ticks to bypass time-based detection mechanisms.

The conversation also turns to David's future projects, including advanced courses (WMD 4 to 6) that will focus on building custom C2 agents. These will cover more advanced techniques such as DLL side-loading and process-independent code execution. David also mentions his "Emulated Criminals" project, an initiative aimed at developing red teaming tools and training cybersecurity professionals to think like attackers.

David and John go on to discuss the importance of infrastructure in red teaming operations. David stresses that obfuscating encryption keys and C2 configurations is crucial to avoid detection, and that techniques such as storing this information on the dark web or behind Tor services can add a further layer of protection for the operator.

Finally, David shares his enthusiasm for malware development and cybersecurity in general. He encourages professionals to be creative and to experiment with different techniques to stay ahead of defenses, and he notes the importance of understanding the limitations of current security solutions and how they can be bypassed. For anyone who wants to learn more about malware development and red teaming techniques, this video offers a wealth of information and practical insight. Whether you are a beginner or an experienced professional, David Schllo's WMD courses and projects are useful resources for improving your cybersecurity skills.