Forwarded from OnHex
Implant.ARM_.iLOBleed.a-fa-1.pdf
985.2 KB
🔴 Report by Amnpardaz on the discovery of the first rootkit in the iLO firmware of HP servers in Iran's network
🆔 @onhex_ir
➡️ ALL Link
Amnpardaz-iLOBleed.pdf
761.5 KB
Take the lights-out Implant.ARM.iLOBleed.a
The first rootkit discovered infecting HP iLO firmware
English Version
*from vx-underground*
How to Write Shellcode for Shellcode Injection and Simplify Assembly Code Development
https://medium.com/@muchiemma/how-to-write-shellcode-for-shellcode-injection-and-simplify-assembly-code-development-703c3f214c46
#malware_dev #shellcode
17065-manual-shellcode.pdf
1.3 MB
manual-shellcode.pdf
#shellcode
The path from a C project and assembler to shellcode
https://www.orderofsixangles.com/translations/2021/06/12/shellcoding.html
#shellcode
Order Of Six Angles
The path from a C project and assembler to shellcode
Original
Source Byte pinned «Basics of Windows shellcode writing https://idafchev.github.io/exploit/2017/09/26/writing_windows_shellcode.html #shellcode»
New PoolParty Process Injection Techniques Outsmart Top EDR Solutions
thehackernews.com/2023/12/ne…
#EDR , #process_injection
Horse Shell analysis (TP-Link router malware by Chinese APT Camaro Dragon)
Credits @_CPResearch_
buff.ly/42WZ8zW
#malware , #IoT
Ten process injection techniques:
https://www.elastic.co/blog/ten-process-injection-techniques-technical-survey-common-and-trending-process
#malware_dev
Process injection
Covers these:
Techniques that I will cover here: https://github.com/MahmoudZohdy/Process-Injection-Techniques/tree/main
[x] Inject Dll in remote process using CreateRemoteThread API.
[x] Inject Dll in remote process using SetWindowsHookExW API.
[x] Inject ShellCode in remote process using CreateRemoteThread API.
[x] Inject ShellCode in remote process using QueueUserAPC API.
[x] Inject ShellCode in remote process using Early Bird Technique.
[x] Inject ShellCode in remote process using TLS CallBack Technique.
[x] Inject using Thread execution hijacking.
[x] Inject Dll in remote process using Reflective DLL injection.
[x] Inject using Process Hollowing.
[x] Inject using Process Doppelganging.
[ ] Inject using Atom Bombing.
[x] Inject using Process Ghosting.
[x] Inject and persist using Image File Execution Options.
[x] Inject using AppInit_DLLs Registry.
[x] Inject using AppCertDlls Registry.
#malware_dev
Northsec:
Advanced process injection
https://www.youtube.com/live/pgaGpH2dYFc?si=AO8C8i-Xm9DDSF7F
#malware_dev , #process_injection
YouTube
Advanced Process Injection Techniques
"Advanced Process Injection Techniques" is a hands-on workshop focused on providing candidates insights about the APT tactics & techniques on the privilege escalation & persistence phase. This workshop is a quick deep-dive into the Microsoft windows world…
Black hat: process injection techniques - Gotta catch them all
https://youtu.be/xewv122qxnk?si=MvVaE9RLQCPQ67wn
#malware_analysis , #malware_dev , #process_injection
YouTube
Process Injection Techniques - Gotta Catch Them All
In this presentation, we provide the most comprehensive to-date "Windows process injection" collection of techniques - the first time such resource is available, that really covers all (or almost all) true injection techniques. We focus on Windows 10 x64…