Low Level CO 🇨🇴
Let's Create Some Polymorphic PIC Shellcode #malware #maldev #PIC #shellcode #polymorphic @ZwLowLevel https://g3tsyst3m.com/shellcode/pic/Let's-Create-Some-Polymorphic-PIC-Shellcode!/
G3tSyst3m's Infosec Blog
PIC Shellcode from the Ground up - Part 2
Let’s PIC back up where we left off shall we? 😸 I gave you the framework for developing PIC friendly shellcode back in Part 1. We went from the original code written in a high level language (C++), down to a pseudo low level representation of that C++ code.…
#satellite_hacking
@ZwLowLevel
https://hackmag.com/security/iridium-inmarsat-decode
HackMag
Receiving and Decoding Inmarsat and Iridium Satellite Signals with SDR
Tech magazine for cybersecurity specialists
GitHub
GitHub - mytechnotalent/Hacking-Bits: A FREE comprehensive step-by-step 8-bit ATmega328P C and Assembler tutorial covering Embedded…
A FREE comprehensive step-by-step 8-bit ATmega328P C and Assembler tutorial covering Embedded Software Development to Reverse Engineering. - mytechnotalent/Hacking-Bits
Inject DLLs into the explorer process using icons
#process_injection #maldev
#malware_development
@ZwLowLevel
https://github.com/d419h/IconJector
GitHub
GitHub - d419h/IconJector: Inject DLLs into the explorer process using icons
Inject DLLs into the explorer process using icons. Contribute to d419h/IconJector development by creating an account on GitHub.
#windows_internals #windows_kernel
#callbacks
@ZwLowLevel
https://github.com/colby57/windows_instrumentation_callback
GitHub
GitHub - colby57/windows_instrumentation_callback: PoC demonstrating the usage of undocumented Process Instrumentation Callback…
PoC demonstrating the usage of undocumented Process Instrumentation Callback for intercepting kernel-to-user transitions (Syscalls, APCs, Exceptions). - colby57/windows_instrumentation_callback
#malware_development #maldev
#windows_internals
https://threathunters.blog/malware-development-create-a-registry-key/
@ZwLowLevel
Fuzzing Made Easy #1: A beginner’s guide to writing a fuzzing harness
Fuzzing Made Easy #2: Unlocking the Secrets of Effective Fuzzing Harnesses
#fuzzing #exploit_development
#exploitation
@ZwLowLevel
SRLabs
Fuzzing Made Easy #1: A beginner’s guide to writing a fuzzing harness - SRLabs Research
In this article, we focus on customizing a fuzzing harness, the key to effective fuzz testing.
Securelist
New Tomiris tools and techniques: multiple reverse shells, Havoc, AdaptixC2
Kaspersky discloses new tools and techniques discovered in 2025 Tomiris activities: multi-language reverse shells, Havoc and AdaptixC2 open-source frameworks, communications via Discord and Telegram.
#ebpf #linux_kernel #ring0
@ZwLowLevel
https://hackmag.com/coding/ebpf-tetragon
HackMag
Mature audit. Tetragon demonstrates the tremendous power of eBPF
Tech magazine for cybersecurity specialists
StyxLoaderX-EDR-Evasion is a modular framework designed for advanced evasion techniques against Endpoint Detection and Response systems on Windows x64.
#process_injection #malware_development
#maldev
@ZwLowLevel
https://github.com/spontopt/StyxLoaderX-EDR-Evasion
GitHub
GitHub - spontopt/StyxLoaderX-EDR-Evasion: 🛡️ Implement advanced EDR evasion techniques for Windows x64 systems with StyxLoaderX…
🛡️ Implement advanced EDR evasion techniques for Windows x64 systems with StyxLoaderX, featuring dynamic syscall mapping and AES-256 encryption. - spontopt/StyxLoaderX-EDR-Evasion
#windows_internals #kernel_callbacks
#windows_kernel #reverse_engineering
@ZwLowLevel
https://revers.engineering/beyond-process-and-object-callbacks-an-unconventional-method/
HackMag
Evil Routing: Pulling Off a Sophisticated Wi‑Fi Man‑in‑the‑Middle (MITM) Attack
Tech magazine for cybersecurity specialists
colinfinck.de
nt-load-order Part 1: WinDbg'ing our way into the Windows bootloader - ColinFinck.de
There are close to zero reasons to reverse-engineer the Windows driver load order. Which is exactly why I’m doing it. And if you are as crazy as me and want to write a Windows bootloader in Rust, you inevitably need to deal with this topic. Likewise, if you…
Forwarded from S.E.Reborn
• Lateral movement in red teaming is all about moving between targets in the environment to reach the objective.
- Password:
  - WinRM;
  - RDP;
  - MSSQL;
  - SMB;
  - Interactive shell;
- NTHash:
  - Pass-the-Hash;
  - Overpass-the-Hash;
  - Pass-the-Key;
- MSSQL:
  - Execute OS Commands;
  - Trusted Link Abuse in MS SQL;
- SCCM (MECM):
  - Credential Harvest;
  - Network Access Account;
  - Client Push Credentials;
  - Application & Script Deployment;
- Security Research.
#AD #Pentest