NEW BOT Телеграм, страница

decoded PowerShell noscript that perform C2 connection. The noscript decodes and executes commands received from a C2 server by using R64Decoder Function.
credit : @whichbuffer

this tool was used by an APT to target

@bellingcat

https://gist.github.com/whichbuffer/22621545f9f5a1d946affd34f6659e64

#c2 , #powershell , #tool

❤‍🔥2

684 viewsAnastasia 🐞, edited 17:34

Source Byte

+ why are you laughing?
- nothing 😂

#mem

🤔1🤓1🎃1

596 viewsAnastasia 🐞, 07:09

Source Byte

Analyzing AsyncRAT's Code Injection into aspnet_compiler.exe Across Multiple Incident Response Cases

trendmicro.com/en_us/researc…

#AsyncRAT , #code_injection , #analysis

👍4

592 viewsAnastasia 🐞, edited 17:50

Source Byte

Needles Without The Thread: Threadless Process Injection

https://m.youtube.com/watch?si=UlFxll8AwTtMM0Cz&v=z8GIjk0rfbI&feature=youtu.be

Credit : @_EthicalChaos_

#thread , #process_injection

621 viewsAnastasia 🐞, edited 20:10

Source Byte

How GitLab's Red Team automates C2 testing

Credit: @eip_4141

https://about.gitlab.com/blog/2023/11/28/how-gitlabs-red-team-automates-c2-testing/

#c2 ,

681 viewsAnastasia 🐞, 20:30

Source Byte

Using Office VBA Macro to exploit a vulnerable driver (zam64.sys) using DeviceIoControl, to get NTAUTHORITY\SYSTEM

TL;DR - Ring 0 using Office Doc}

Credit: @0xDISREL

https://disrel.com/posts/Ring0VBA-Getting-Ring0-Using-a-Goddamn-Word-Document/

#driver , #exploitation, #VBA

791 viewsAnastasia 🐞, 04:49

Source Byte

HexBuddy-Leaked-Courses-Backup.txt

6.2 KB

Here is a list of update courses from various telegram channels gathered by our friend HexBuddy

633 viewsAnastasia 🐞, 06:42

Source Byte

decoded PowerShell noscript that perform C2 connection. The noscript decodes and executes commands received from a C2 server by using R64Decoder Function. credit : @whichbuffer this tool was used by an APT to target

@bellingcat

https://gist.github.com/…

Someone post it on Twitter and got 5k views and 90 likes while you don't even share post to others 👀

692 viewsAnastasia 🐞, 07:17

Source Byte

Source Byte pinned «Using Office VBA Macro to exploit a vulnerable driver (zam64.sys) using DeviceIoControl, to get NTAUTHORITY\SYSTEM TL;DR - Ring 0 using Office Doc} Credit: @0xDISREL https://disrel.com/posts/Ring0VBA-Getting-Ring0-Using-a-Goddamn-Word-Document/ #driver…»

12:43

Source Byte

Writing a simple 16 bit VM in less than 125 lines of C

https://andreinc.net/2021/12/01/writing-a-simple-vm-in-less-than-125-lines-of-c

#VM

704 viewsAnastasia 🐞, 16:38

Source Byte

Perfect DLL Hijacking elliotonsecurity.com/perfect…

#dll_hijacking

648 viewsAnastasia 🐞, 14:56

Source Byte

creating a Rootkit to Learn C

credit : @h0mbre_

https://h0mbre.github.io/Learn-C-By-Creating-A-Rootkit/#

#rootkit ,

🔥1

654 viewsAnastasia 🐞, 14:58

Source Byte

Reminder that creating a memory dump of Outlook.exe not only produces access tokens but also potentially sensitive email content.

Stealing Access Tokens From Office Desktop Applications :
https://mrd0x.com/stealing-tokens-from-office-applications/

credit : @mrd0x

#memory_dump ,

707 viewsAnastasia 🐞, edited 15:11

Source Byte

Writing A Decent Win32 Keylogger

synacktiv.com/publications/w…

#key_logger
@islemolecule_source

715 viewsAnastasia 🐞, edited 10:19

Source Byte

C2 development guide

https://www.soheilsec.com/توسعه-بدافزار-c2

Language: Persian

credit: @soheilsec

#c2 ,
@islemolecule_source

786 views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌$ᴘ3ᴅʏʟ1, edited 21:05

Source Byte

C2 Matrix

docs

#c2
@islemolecule_source

703 views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌$ᴘ3ᴅʏʟ1, edited 21:17

Source Byte

GitBook
Building C2 Implants in C++: A Primer: Introduction

https://shogunlab.gitbook.io

#c2
@islemolecule_source

750 views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌$ᴘ3ᴅʏʟ1, edited 21:23

About

Blog

Apps

Platform