@gooniesfan7911

If you run a local DeepSeek, or even Llama with the DeepSeek reasoning ability, you can use a RAG dataset with the full Windows API and third-party NT API, along with any other malware API docs, and it can generate sophisticated evasion techniques.

You can also feed it white papers and EDR research reports and classify certain modes of thinking to attempt to simulate being novel.

Then you can generate complete polymorphic modules that use the most imaginative methods imaginable to do certain tasks on the system. For example: downloading files in such a way that the data is written to disk without the EDR engine ever seeing the full picture of the file. Then executing scripts by opening a handle to the wscript.exe file and patching out the AMSI/ETW functions from its code in memory, before giving it the script instructions directly in memory instead of opening the file and providing a command-line script.

You can even patch unused functions in wscript to hold your decryption function, and when you pass it a command, before executing, the process will jmp to the decryption function, decrypt your command, and then it gets executed, leaving no trace in memory, and the log file will only show that wscript was started with no command.

@bossman999

What a great video, bro. Please keep making these types of videos!

@fhlipZero

Added to my watch later! I literally just used Claude to build a super simple C2 I'm working on expanding. Crazy powerful stuff out there.

@BobertV702

Hey, these videos about AI and malware writing are very nice. If you have a lot of resources, you could even try to host the DeepSeek 70 billion parameter model as a self-hosted solution, and then see if it still writes code as well as this. Even if the online model uses something like 671 billion parameters compared to the 70 billion parameter self-hosted one, I think it would be very interesting to see what it could do.

@mysteriousdemon1490

Hey brother, is it safe to use this AI online and offline? Which is safer to use? Can you please tell me about this?