/dev/stack
A Reverse Engineer’s Anatomy of the macOS Boot Chain & Security Architecture
1.0 The Silicon Root of Trust: Pre-Boot & Hardware Primitives
The security of the macOS platform on Apple Silicon is not defined by the kernel; it is defined by the physics of the die. Before the first instruction of kernelcache is fetched, a complex, cryptographic…
Medium
Passcode Writeup (Pwnable.kr)
About Pwnable.kr
Forwarded from Android Security & Malware
GhostAd: Hidden Google Play Adware Drains Devices and Disrupts Millions of Users
https://blog.checkpoint.com/research/ghostad-hidden-google-play-adware-drains-devices-and-disrupts-millions-of-users/
ClickFix Gets Creative: Malware Buried in Images
#malware_analysis #malware_campaing
#malware
@ZwLowLevel
https://www.huntress.com/blog/clickfix-malware-buried-in-images
Huntress
ClickFix Gets Creative: Malware Buried in Images | Huntress
Huntress uncovered an attack utilizing a ClickFix lure to initiate a multi-stage malware execution chain. This analysis reveals how threat actors use steganography to conceal infostealers like LummaC2 and Rhadamanthys within seemingly harmless PNGs.
Forwarded from Sec Note
#llm #ai
@ZwLowLevel
https://unit42.paloaltonetworks.com/dilemma-of-ai-malicious-llms/
Unit 42
The Dual-Use Dilemma of AI: Malicious LLMs
The line between research tool and threat creation engine is thin. We examine the capabilities of WormGPT 4 and KawaiiGPT, two malicious LLMs.
Forwarded from Fuzzing ZONE (0x0F1)
Analysis of Encryption Structure of Yurei Ransomware Go-based Builder
https://asec.ahnlab.com/en/90975/
@FUZZ0x
ASEC
Analysis of Encryption Structure of Yurei Ransomware Go-based Builder - ASEC
Low Level CO 🇨🇴 pinned «🤨 Windows VTL2 Technical Exploration #windows_internals #vtl2 #windows_kernel #reversing @ZwLowLevel https://howknows.github.io/roooot.github.io/VTL2/Windows_VTL2_Technical_Exploration.html»
Low Level CO 🇨🇴
Let's Create Some Polymorphic PIC Shellcode #malware #maldev #PIC #shellcode #polymorphic @ZwLowLevel https://g3tsyst3m.com/shellcode/pic/Let's-Create-Some-Polymorphic-PIC-Shellcode!/
G3tSyst3m's Infosec Blog
PIC Shellcode from the Ground up - Part 2
Let’s PIC back up where we left off shall we? 😸 I gave you the framework for developing PIC friendly shellcode back in Part 1. We went from the original code written in a high level language (C++), down to a pseudo low level representation of that C++ code.…
#satellite_hacking
@ZwLowLevel
https://hackmag.com/security/iridium-inmarsat-decode
HackMag
Receiving and Decoding Inmarsat and Iridium Satellite Signals with SDR
Tech magazine for cybersecurity specialists
GitHub
GitHub - mytechnotalent/Hacking-Bits: A FREE comprehensive step-by-step 8-bit ATmega328P C and Assembler tutorial covering Embedded…
A FREE comprehensive step-by-step 8-bit ATmega328P C and Assembler tutorial covering Embedded Software Development to Reverse Engineering. - mytechnotalent/Hacking-Bits
Inject DLLs into the explorer process using icons
#process_injection #maldev
#malware_development
@ZwLowLevel
https://github.com/d419h/IconJector
GitHub
GitHub - d419h/IconJector: Inject DLLs into the explorer process using icons
Inject DLLs into the explorer process using icons. Contribute to d419h/IconJector development by creating an account on GitHub.
#windows_internals #windows_kernel
#callbacks
@ZwLowLevel
https://github.com/colby57/windows_instrumentation_callback
GitHub
GitHub - colby57/windows_instrumentation_callback: PoC demonstrating the usage of undocumented Process Instrumentation Callback…
PoC demonstrating the usage of undocumented Process Instrumentation Callback for intercepting kernel-to-user transitions (Syscalls, APCs, Exceptions). - colby57/windows_instrumentation_callback
#malware_development #maldev
#windows_internals
https://threathunters.blog/malware-development-create-a-registry-key/
@ZwLowLevel
Fuzzing Made Easy #1: A beginner’s guide to writing a fuzzing harness
Fuzzing Made Easy #2: Unlocking the Secrets of Effective Fuzzing Harnesses
#fuzzing #exploit_development
#exploitation
@ZwLowLevel
SRLabs
Fuzzing Made Easy #1: A beginner’s guide to writing a fuzzing harness - SRLabs Research
In this article, we focus on customizing a fuzzing harness, the key to effective fuzz testing.