Malware Unpacking With Memory Dumps - Intermediate Methods
https://embee-research.ghost.io/unpacking-malware-using-process-hacker-and-memory-inspection/
#malware_analysis
A cross-platform Command and Control (C2) framework written in Golang and Python.
https://github.com/gatariee/Winton
#malware_dev , #c2 , #go
In 2021, I worked with @juanandres_gs on a Predatory Sparrow attack against the fuel system. I did not openly share the draft back then, as it exposed live vulnerable systems. Having their second go with it yesterday, it's time to share it openly now.
https://sites.google.com/darkcell.se/www/sparrows
Offensive Windows IPC Internals 3: ALPC
https://csandker.io/2022/05/24/Offensive-Windows-IPC-3-ALPC.html
#windows_internals , #ALPC
Debugging and Reversing ALPC
https://csandker.io/2022/05/29/Debugging-And-Reversing-ALPC.html
#windows_internals , #reversing , #debugging , #ALPC
Most PE executables only have a DOS stub, but Robert Xiao combined DOOM DOS and Windows executables into a single universal file.
Advanced merge of genuine DOS headers, relocations, DOS/4GW headers and PE file.
https://github.com/nneonneo/universal-doom
#PE
Interesting Google dork by coinicap which shows "national IDs".
I will not share the exact dork because of users' privacy :)
site:https://test.com/ کارت ملی
Source Byte
As I see, it works with many websites :)
Malware Development for Dummies
In the age of EDR, red team operators cannot get away with using pre-compiled payloads anymore. As such, malware development is becoming a vital skill for any operator. This workshop will show you all you need to get started!
Slides:
https://github.com/chvancooten/maldev-for-dummies/tree/main/Slides
Exercises:
https://github.com/chvancooten/maldev-for-dummies/tree/main/Exercises
#malware_dev #csharp #nim #golang #rust
Novel Detection of Process Injection Using Network Anomalies
https://akamai.com/blog/security-research/novel-detection-methodology-process-injection-using-network-anomalies
#process_injection , #detection
Should I share open-source tools that I find interesting? (to get ideas from them)
Anonymous Poll: yes 89%, no 11%
List of articles on malware development.
https://ru-sfera.pw/threads/vvedenie-v-razrabotku-vredonosnyx-programm-oglavlenie.4435/
#malware_dev
We write our own malware. Part 1: Learning to write a completely “undetectable” keylogger
https://habr.com/en/companies/varonis/articles/302458/
#malware_dev
Malware 101: Develop and Analyze our own malware
https://fareedfauzi.github.io/2021/09/20/Malware-dev-analysis.html
#malware_dev #malware_analysis
Malware analysis in Russian
(If you have an English version of this, please share.)
https://m.vk.com/wall-203365865_416
#malware_analysis
BM_1_22.pdf
32 MB
Black Mass vol.1 (30.10.2022) - collection of works exclusive to the release of this zine.
#Black_Mass
#Malware_analysis
(In)direct Syscalls: A journey from high to low
RedOps | Red Team Village | DEF CON 31
https://github.com/VirtualAlllocEx/DEFCON-31-Syscalls-Workshop
#malware_dev
#defcon