Secure Byte Channel – Telegram
Programming and software security training courses.

https://dword.ir
@YMahmoudnia
#Github

sandsifter: The x86 processor fuzzer

🌐 Website

Telegram Channel : @securebyte

Our Public Group : https://news.1rj.ru/str/joinchat/8IAKs9HaoGU2NmE0
_
#Article #Security

The exploitation of other people's lack of awareness continues.

The TelegramX or TeleX app, which in the image above claims to be the official, blockchain-based, anti-filtering version of Telegram, is directly connected to Hotgram and merely aims to achieve its goal by creating a name similarity with the official TelegramX.

🚫 There is no blockchain version of Telegram
🚫 Download mobile apps from official stores
🚫 Pay attention to apps whose names resemble the original version

A simple analysis of the advertised version shows that it is either directly connected to Hotgram or is a modified version of Hotgram.

JsonObjectRequest jsonObjectRequest = new JsonObjectRequest(1, "http://rgapi.hotgram.ir/v12/user/register?slt=" + System.currentTimeMillis() + "&appid=3"

_
👍5
#Misc

A few years ago a new version of Syser Debugger was released, and after we had been told to expect new, updated versions, today I heard different news: it appears that the author of Syser Debugger lost the program's source code because of a failed flash drive, and I was very sad to hear it.

This video is from a few years ago, when I was testing the software for the first time.

_
#eBook #radare2

📗Radare2 Official Updated Ebook

🌐 Website

The picture is related to Cutter, the Radare2 GUI.

_
#Github #ReverseEngineering #Mobile

MARA_Framework

MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a tool that puts together commonly used mobile application reverse engineering and analysis tools, to assist in testing mobile applications against the OWASP mobile security threats. Its objective is to make this task easier and friendlier to mobile application developers and security professionals.

The MARA framework, for analyzing, examining and reverse engineering mobile applications based on the OWASP mobile security threats.

🌐 Website

_
#Github #MobSF

Mobile Security Framework (MobSF)

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static, dynamic and malware analysis. It can be used for effective and fast security analysis of Android, iOS and Windows mobile applications and supports both binaries (APK, IPA & APPX) and zipped source code.

The MobSF framework, for static and dynamic analysis of mobile applications on the Android, iOS and Windows Mobile platforms.

🌐 Website

_
#securebyte

Greetings to our dear friends and followers.
Following our earlier announcement about developing and preparing the training infrastructure, in-person classes, online classes and multimedia courses will, God willing, be held starting next year. I will cover this in detail in a separate post, including what changes have taken place or are under way in how we operate.

Thanks to the friends who have kept following up on this to date and who always follow us.

_
#Article #ReverseEngineering #Android

📗Android App Reverse Engineering 101

This workshop will be wholly based on reverse engineering through static analysis, or analyzing and understanding an application by examining its code.

Table of Contents
Introduction
Android Application Fundamentals
Getting Started with Reversing Android Apps
Reverse Engineering Android Apps - DEX Bytecode
Reverse Engineering Android Apps - Native Libraries
Reverse Engineering Android Apps - Obfuscation
Conclusion

🌐 Website

_
#Article #ReverseEngineering #Android

📗How to start Reverse Engineering on Android Application Series (6 Parts)
By: Ankit Mishra

🌐 Website

More parts are available in the author's profile.

_
#TrainingCourse #MalwareAnalysis

📗Introduction to Malware Analysis and Reverse Engineering (2017-2018-2020) University of Cincinnati.

Week 01: Introduction to VirtualBox and Lab VMs
Week 02: Intro to malware taxonomy / building a basic attack
Week 03: Deconstruct attack with static analysis
Week 04: x86 disassembly and analysis
Week 05: Dynamic analysis, networking, Immunity Intro
Week 06: Immunity Debugger analysis workflows
Week 07: Mid-Term Project week #1, no class
Week 08: Run-time analysis with debugger / inetsim / etc.
Week 09: Identification with Yara and other tools
Week 10: Spring break - NO CLASS
Week 11: Using ELK to analyze behavioral logs
Week 12: Java & SWF malware analysis
Week 13: Android Malware analysis tools, setup
Week 14: Android malware static analysis
Week 15: Android malware live analysis
Week 16: Finals week - Final project

🌐 Website

_
#Article #Exploiting

📗Binary Exploitation: Format String Vulnerabilities series
By : Vickie Li

Welcome to the binary exploitation series! In the coming posts, we are going to explore concepts and tricks used in binary exploitation. I hope you’re as excited as I am!

🌐 Website

_
#Github #Cuckoo

Cuckoo VM for Malware Analysis By binaryzone

If you do not want to put some time in installing your own Cuckoo Sandbox for different reasons, then you could just download the Virtual Machine (VM) that I have prepared. What I’ve done is get Cuckoo to run in a VM, so you might be asking what does that mean? Well, it means that first Cuckoo is running in a VM and second that Cuckoo will be running its analysis within another VM. Yes, a VM in another VM or what is technically called “Nested Virtualization“. I used VMWare for my VM, but since I’ve exported it to OVA, then you should be good to just import and run.

🌐 Website

_
#Github #Cuckoo

Cuckoo VM for Malware Analysis By binaryzone

Things you need:
1. The VM from download link
2. Username: user1 & Password: forensics
3. Add a Windows ISO to your Cuckoo VM
4. Submit a sample and get some results…

🌐 Website

_
#Article #ReverseEngineering

📗Windows Process Injection in 2019 - BlackHat USA-19
Amit Klein, Itzik Kotler

Process injection in Windows appears to be a well-researched topic, with many techniques now known and implemented to inject from one process to the other. Process injection is used by malware to gain more stealth (e.g. run malicious logic in a legitimate process) and to bypass security products (e.g. AV, DLP and personal firewall solutions) by injecting code that performs sensitive operations (e.g. network access) to a process which is privileged to do so.

🌐 Website

_
#Article #ReverseEngineering

📗iOS Security Analysis with MobSF
Netguru

Recently, our iOS security team was looking for a security analysis tool and we tested MobSF as one of our solutions. MobSF is a tool recommended by OWASP in its Mobile Security Testing Guide.

🌐 Website

_
#Github #Internals

Windows System Call Tables (NT/2000/XP/2003/Vista/2008/7/2012/8/10)
(win32k.sys).

The interface between a process and an operating system is provided by system calls. In general, system calls are available as assembly language instructions. They are also included in the manuals used by the assembly level programmers.

🌐 Website

_
#Article #ReverseEngineering #OSX

This corner is dedicated to reverse engineering, malware, rootkits, and security.

Content is mostly dedicated to Mac OS X and also iOS.

🌐 Website

_
#Github #Internals

Another Repo with more details about Windows System Call Tables.

🌐 Website

_
#Github #ReverseEngineering #Syser

Do you remember Syser Debugger? 😉

1430 230320
implement FPU reg "%1.7e"
implement XMM 8/16 reg by dword x 4
fix instr info for qword data
fix all disassm in uppercase
fix debugger leak handle
revert fix for detached process
fix debugger handle unload dll

🌐 Website
