"Becoming a Vulnerability Researcher roadmap: my personal experience"
https://gist.github.com/tin-z/a469e996f8107a5ca8d3c858a2a4b65f
On Control Flow Flattening obfuscation
https://nerodesu017.github.io/posts/2023-12-01-antibots-part-8
ANTIBOTS - PART VIII - Geetest - CFF
In-Depth Control-Flow-Flattening Analysis
The book Windows Native API Programming by the excellent author Pavel Yosifovich has just come out!
I bought it for you and posted it for free. Download it!
EPUB
PDF
Fresh picks! Everyone will find something interesting here
Collection of Golang projects designed specifically for red teamers
x86 Real-Mode MS-DOS Emulator using Windows Hypervisor Platform
How a Clever 1960s Memory Trick Changed Computing (video)
Provides automated reverse engineering assistance through the use of local large language models (LLMs) on consumer hardware.
Fuzzer Development 4: Snapshots, Code-Coverage, and Fuzzing
My iOS Web Hacking Setup - Surge, Termius, and Caido
LLM for automated hacking (collection of links)
Exploiting Trend Micro EDR
ChatGPT's Advanced Data Analysis and Code Execution - Experiments
An awesome article on the internals of the Chinese infosec industry
Take a Step Further: Understanding Page Spray in Linux Kernel Exploitation
How To Use Dumpulator For Malware Analysis
Writing an IR (intermediate representation) from Scratch (Android analysis tool)
Obfuscate the payload while simultaneously lowering its entropy
Incremental Symbolic Execution for the Clang Static Analyzer (video) (slides)
An updated article from DebugPrivilege, well known in narrow circles, on investigating crash dumps
InsightEngineering/Debugging 101/Section 9: Triaging a Crash Dump at main · DebugPrivilege/InsightEngineering
Hiding a payload in GPU memory for AV evasion
https://raw.githubusercontent.com/vxunderground/VXUG-Papers/main/GpuMemoryAbuse.cpp
Exploiting Steam
https://www.darknavy.org/blog/exploiting_steam_usual_and_unusual_ways_in_the_cef_framework/
Exploiting Steam: Usual and Unusual Ways in the CEF Framework
The Chromium Embedded Framework (CEF) is an open-source framework that allows developers to embed the Chromium engine in their applications. Although CEF is widely employed in a range of popular software, including WeChat and the Epic Games Launcher…
(dis)assembly framework. It supports all LLVM 15 architectures, with C++, Rust, and Python bindings.
blog
github
Introducing Nyxstone: An LLVM-based (Dis)assembly Framework - Emproof
At Emproof, our mission is to enhance the security and integrity of embedded systems through innovative binary rewriting techniques. We are committed to providing advanced […]
Order of Six Angles
By combining Frida with an enhanced version of Tenet, Frinet facilitates the study of large programs, vulnerability research and root-cause analysis on iOS, Android, Windows and most architectures. https://www.synacktiv.com/publications/frinet-reverse-engineering…
An interesting plugin, but so far I can't come up with a use case for it 😐
Forwarded from RME-DisCo @ UNIZAR [www.reversea.me]
Breaking Custom Encryption Using Frida (Mobile Application Pentesting) #CustomEncryption #Frida #MobileApp #PenTesting #ApplicationSecurity https://labs.cognisys.group/posts/Breaking-Custom-Ecryption-Using-Frida-Mobile-Application-pentesting/
A long time ago I put together a note for myself on tricks for analyzing .NET malware; sharing it with you.
Tips for researching .NET malware
We have a piece of malware that decodes the resource DE. The image can be decrypted with the stego script. Decoding result: This script can also perform the reverse operation, turning a file into a steganographic image. It can be used…
pwn.college - CTF challenges for beginners
Commonly Abused Linux Initial Access Techniques and Detection Strategies
GoogleCTF 2024 Writeups
An unexpected journey into Microsoft Defender's signature World.
Static deobfuscator for Themida/WinLicense/Code Virtualizer's mutation-based obfuscation.
Persistence with GPO Item Level Targeting
Exploitation of CVE-2024-29943 (slides)
The Ultimate Aim of Kernel Exploitation - Process Credentials
Learning LLVM (Part-1) - Writing a simple LLVM pass
Exploiting V8 at openECSC
Hypervisor-enforced Paging Translation - The end of non data-driven Kernel Exploits (Recon2024) slides pptx
Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust
A Tale of Reverse Engineering 1001 GPTs: The good, the bad And the ugly
OSED materials (tweet)
PgC: Garbage collecting Patchguard away
Learning LLVM (Part-2) (sources)
ZDI-24-821: A Remote UAF in The Kernel's net/tipc
A Short Tale of Sysctl
The Art of Malware C2 Scanning - How to Reverse and Emulate Protocol Obfuscated by Compiler
Chrome exploitation
Evading Event Tracing for Windows (ETW)-Based Detections
JTAG debug of Windows Hyper-V
Learning LLVM (Part-2)
Introduction. In the first part of my blog series on compilers and LLVM, I provided a brief introduction to compiler fundamentals and LLVM. We also wrote a simple LLVM analysis pass to print function na