Concealed code execution: Techniques and detection
(Process Tampering)
Link
#malware_dev
@islemolecule_source
Octo Banking Botnet [ Source Code ] Leaked
Link
Note: ONLY DEBIAN 11 6 gb RAM / 100 GB / 3 cores, Server Internet speed 100 megabytes
❌open in VM
#leaked
@islemolecule_source
NtDoc
Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers
https://ntdoc.m417z.com/
#windows
#win_api
@islemolecule_source
GitHub
systeminformer/phnt at master · winsiderss/systeminformer
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-i...
Forwarded from Some Security Notes
#malware #reversing
Shows how to use the SectionAlignment parameter to create an executable file with an empty PE header.
https://secret.club/2023/06/05/spoof-pe-sections.html
secret club
Abusing undocumented features to spoof PE section headers
Introduction Some time ago, I accidentally came across some interesting behaviour in PE files while debugging an unrelated project. I noticed that setting the SectionAlignment value in the NT header to a value lower than the page size (4096) resulted in significant…
The Evolution of Protected Processes – Part 1
link
The Evolution of Protected Processes – Part 2
link
#windows
#threat_hunting
@islemolecule_source
Microsoft Open Source Code of Conduct
(implementations of DNS, AMSI, ...)
Link
#windows
#win_api
@islemolecule_source
F#ck AMSI! How to bypass Antimalware Scan Interface and infect Windows
https://hackmag.com/security/fck-amsi/
#windows
#malware_dev
@islemolecule_source
The internals of JavaScript Engine!
https://youtube.com/watch?v=qf1KhBCaWNY
The execution context and stack in JavaScript!
https://youtube.com/watch?v=3Ywr7MPxBKA
Execution Stack in Chrome: Live Demo!
https://youtube.com/watch?v=-UnIbstX_0A
The what and why of max call stack in JavaScript!
https://youtube.com/watch?v=qc3aEKrohKc
#javascript_internals, #javascript_engine
———
@islemolecule_source
Forwarded from VX-SH
azov.7z
10 MB