GitHub
GitHub - mytechnotalent/Hacking-Bits: A FREE comprehensive step-by-step 8-bit ATmega328P C and Assembler tutorial covering Embedded…
A FREE comprehensive step-by-step 8-bit ATmega328P C and Assembler tutorial covering Embedded Software Development to Reverse Engineering. - mytechnotalent/Hacking-Bits
Inject DLLs into the explorer process using icons
#process_injection #maldev
#malware_development
@ZwLowLevel
https://github.com/d419h/IconJector
GitHub
GitHub - d419h/IconJector: Inject DLLs into the explorer process using icons
Inject DLLs into the explorer process using icons. Contribute to d419h/IconJector development by creating an account on GitHub.
#windows_internals #windows_kernel
#callbacks
@ZwLowLevel
https://github.com/colby57/windows_instrumentation_callback
GitHub
GitHub - colby57/windows_instrumentation_callback: PoC demonstrating the usage of undocumented Process Instrumentation Callback…
PoC demonstrating the usage of undocumented Process Instrumentation Callback for intercepting kernel-to-user transitions (Syscalls, APCs, Exceptions). - colby57/windows_instrumentation_callback
#malware_development #maldev
#windows_internals
https://threathunters.blog/malware-development-create-a-registry-key/
@ZwLowLevel
Fuzzing Made Easy #1: A beginner’s guide to writing a fuzzing harness
Fuzzing Made Easy #2: Unlocking the Secrets of Effective Fuzzing Harnesses
#fuzzing #exploit_development
#exploitation
@ZwLowLevel
SRLabs
Fuzzing Made Easy #1: A beginner’s guide to writing a fuzzing harness - SRLabs Research
In this article, we focus on customizing a fuzzing harness, the key to effective fuzz testing.
Securelist
New Tomiris tools and techniques: multiple reverse shells, Havoc, AdaptixC2
Kaspersky discloses new tools and techniques discovered in 2025 Tomiris activities: multi-language reverse shells, Havoc and AdaptixC2 open-source frameworks, communications via Discord and Telegram.
#ebpf #linux_kernel #ring0
@ZwLowLevel
https://hackmag.com/coding/ebpf-tetragon
HackMag
Mature audit. Tetragon demonstrates the tremendous power of eBPF
Tech magazine for cybersecurity specialists
StyxLoaderX-EDR-Evasion is a modular framework designed for advanced evasion techniques against Endpoint Detection and Response systems on Windows x64.
#process_injection #malware_development
#maldev
@ZwLowLevel
https://github.com/spontopt/StyxLoaderX-EDR-Evasion
GitHub
GitHub - spontopt/StyxLoaderX-EDR-Evasion: 🛡️ Implement advanced EDR evasion techniques for Windows x64 systems with StyxLoaderX…
🛡️ Implement advanced EDR evasion techniques for Windows x64 systems with StyxLoaderX, featuring dynamic syscall mapping and AES-256 encryption. - spontopt/StyxLoaderX-EDR-Evasion
#windows_internals #kernel_callbacks
#windows_kernel #reverse_engineering
@ZwLowLevel
https://revers.engineering/beyond-process-and-object-callbacks-an-unconventional-method/
HackMag
Evil Routing: Pulling Off a Sophisticated Wi‑Fi Man‑in‑the‑Middle (MITM) Attack
Tech magazine for cybersecurity specialists
colinfinck.de
nt-load-order Part 1: WinDbg'ing our way into the Windows bootloader - ColinFinck.de
There are close to zero reasons to reverse-engineer the Windows driver load order. Which is exactly why I’m doing it. And if you are as crazy as me and want to write a Windows bootloader in Rust, you inevitably need to deal with this topic. Likewise, if you…
Forwarded from S.E.Reborn
• Lateral movement in red teaming is all about moving between targets in the environment to reach the objective.
- Password;
- WinRM;
- RDP;
- MSSQL;
- SMB;
- Interactive-shell;
- NTHash;
- Pass-the-Hash;
- Overpass-the-Hash;
- Pass-the-Key;
- MSSQL;
- Execute OS Commands;
- Trusted Link Abuse in MS SQL;
- SCCM (MECM);
- Credential Harvest;
- Network Access Account;
- Client Push Credentials;
- Application & Script Deployment;
- Security Research.
#AD #Pentest
GitHub
GitHub - JungliBro/obfuscator: The strongest header-only C++ string obfuscator • 100% compile-time encryption • Keys change every…
The strongest header-only C++ string obfuscator • 100% compile-time encryption • Keys change every single build (even 1s apart) • Thread-safe • Auto re-encryption • Zero runtime overhead - JungliBr...
AMDStackGuard
This repository implements a proof-of-concept (PoC) Windows kernel driver designed to validate the integrity of user-mode call stacks from ring 0 on AMD64 processors.
#windows_internals #call_stack
#windows_kernel
@ZwLowLevel
https://github.com/notsnakesilent/AMDStackGuard
GitHub
GitHub - notsnakesilent/AMDStackGuard: Windows Driver designed to validate the integrity of User-Mode call stacks from Ring 0 (AMD…
Windows Driver designed to validate the integrity of User-Mode call stacks from Ring 0 (AMD IBS / Instruction Based Sampling) - notsnakesilent/AMDStackGuard