Low Level CO 🇨🇴 pinned «PatchGuard Peekaboo: Hiding Processes on Systems with PatchGuard in 2026 #windows_internals #windows_kernel #reverse_engineering #reversing @ZwLowLevel »
Tutorial: DLL Sideloading and function proxying with ShellcodePack
#malware_development
#maldev
#malwaredev
@ZwLowLevel
Medium
DLL sideloading is a technique that allows an attacker to have a legitimate signed application run some malicious code on Windows. It work…
Debugging WinDbg with WinDbg: Fixing a Ctrl-C UI Freeze
https://www.island.io/blog/debugging-windbg-with-windbg-fixing-a-ctrl-c-ui-freeze
#reversing
#reverse_engineering
@ZwLowLevel
Island.io
Fixing the Windows Debugger freeze when copying text
Follow an Island engineer’s deep dive into fixing a years-old Windows Debugger issue - the few-second freeze when copying text from WinDbg.
Clang Hardening Cheat Sheet - Ten Years Later
https://blog.quarkslab.com/clang-hardening-cheat-sheet-ten-years-later.html
#programming
#overrun
#rop
#memory_protection
@ZwLowLevel
Quarkslab
Clang Hardening Cheat Sheet - Ten Years Later - Quarkslab's blog
Ten years ago, we published a Clang Hardening Cheat Sheet. Since then, both the threat landscape and the Clang toolchain have evolved significantly. This blog post presents the new mitigations available in Clang to improve the security of your applications.
Golden Byte
🇮🇷 Internet blackout in Iran
The people of Iran need Starlink or some other alternative means of communication in moments of internal tension.
IDontLikeFileLocks
This technique could be (and probably is/will be) used by stealer malware to silently extract browser credentials and session tokens without killing processes or triggering obvious file access patterns.
#malware_development
#malwaredev
#maldev
🆔 @ZwLowLevel
GitHub
GitHub - EvilBytecode/IDontLikeFileLocks: Title is self-explaining, well there's a few methods we can do to read a locked file and play…
Title is self-explaining, well there's a few methods we can do to read a locked file and play with it... - EvilBytecode/IDontLikeFileLocks
Reborn in Rust: Muddy Water Evolves Tooling with RustyWater Implant
#malware_analysis
#cyber_threat_intelligence
#cti
🆔 @ZwLowLevel
Cloudsek
Reborn in Rust: Muddy Water Evolves Tooling with RustyWater Implant | CloudSEK
CloudSEK's TRIAD recently identified a spear-phishing campaign attributed to the Muddy Water APT group targeting multiple sectors across the Middle East, including diplomatic, maritime, financial, and telecom entities. The campaign uses icon spoofing and…
Don't forget guys, you can search this channel for posts related to exploit and malware development, reversing, Windows internals, firmware analysis, low-level concepts and cutting-edge techniques. Stay well!
Microsoft-specific exception handling mechanisms
Microsoft-specific exception handling mechanisms primarily refer to Structured Exception Handling (SEH), a set of extensions to the C and C++ languages provided by Microsoft Visual Studio compilers for managing exceptional conditions, such as hardware faults and software errors, in Windows environments.
#windows_internals
🆔 @ZwLowLevel
Grokipedia
Inside GoBruteforcer: AI-Generated Server Defaults, Weak Passwords, and Crypto-Focused Campaigns
#malware_analysis
#cyber_threat_intelligence
#cti
🆔 @ZwLowLevel
Check Point Research
Inside GoBruteforcer: AI-Generated Server Defaults, Weak Passwords, and Crypto-Focused Campaigns - Check Point Research
Key takeaways Introduction GoBruteforcer is a botnet that turns compromised Linux servers into scanning and password brute-force nodes. It targets internet-exposed services such as phpMyAdmin web panels, MySQL and PostgreSQL databases, and FTP servers. Infected…