Forwarded from Telegram
Please note that our moderators had to block the following messages in your channel @citsecurity due to copyright infringement: https://news.1rj.ru/str/c/1232370609/6178
C.I.T. Security
Raccoons, are you in place?🦝 Someone dumped stuff into your trash can🗑 https://news.1rj.ru/str/+WOFeU7VW2oYyZTI0
Subscribe to the trash can just in case
ShadowDumper
It uses 7 advanced techniques to dump LSASS memory.
Capabilities:
• Unhooked Injection (Modified Mimikatz Binary) – Utilizes unhooking to inject a modified Mimikatz binary, bypassing EDR hooks and evading detection.
• Unhooked Injection (Direct Syscalls with MDWD) – Implements direct syscalls for stealthy injection using MDWD, reducing the footprint left behind.
• Simple MiniDumpWriteDump API – Executes the straightforward MiniDumpWriteDump API method for standard LSASS memory extraction.
• MINIDUMP_CALLBACK_INFORMATION Callbacks – Uses callback functions for custom handling, offering greater control over the dumping process.
• Process Forking Technique – Forks the LSASS process, creating a memory clone and avoiding direct access to the target process.
• Direct Syscalls with MiniDumpWriteDump – Combines direct syscalls with MiniDumpWriteDump, enhancing stealth by avoiding typical API hooks.
• Native Dump with Direct Syscalls (Offline Parsing) – Leverages direct syscalls to create a native dump with essential streams for offline parsing, perfect for low-noise operations.
Malware and cryptography 32: encrypt payload via FEAL-8 algorithm. Simple C example.
Linux malware development 2: find process ID by name. Simple C example.
Malware development trick 43: Shuffle malicious payload. Simple C example.
Malware and cryptography 33: encrypt payload via Lucifer algorithm. Simple C example.
Malware and cryptography 34: encrypt payload via DFC algorithm. Simple C example.
KrakenMask
Sleep obfuscation
Update 2.1:
New advanced evasion method on CONTEXT.RIP with gadgets never used before.
Update 2.0:
Sleep mask using APC with gadget-based evasion to bypass current detection methods.
#ransomware_everywhere
Extract and execute a PE embedded within a PNG file using an LNK file.
https://github.com/Maldev-Academy/ExecutePeFromPngViaLNK
This #shell is the ultimate WinRM shell for #hacking/#pentesting.
https://github.com/Hackplayers/evil-winrm/tree/ai
@freedomf0x
Exploit-Street
A collection of the freshest #LPE exploits for #Windows (starting from 2023) from our compatriot. Windows In The Fire 🥵
#1N73LL1G3NC3
@freedomf0x