NtDoc
Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers
https://ntdoc.m417z.com/
#windows
#win_api
@islemolecule_source
Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers
https://ntdoc.m417z.com/
#windows
#win_api
@islemolecule_source
GitHub
systeminformer/phnt at master · winsiderss/systeminformer
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-i...
Forwarded from Some Security Notes
#malware #reversing
Показано как с помощью параметра SectionAlignment создать исполняемый файл с пустым PE-заголовком.
https://secret.club/2023/06/05/spoof-pe-sections.html
Показано как с помощью параметра SectionAlignment создать исполняемый файл с пустым PE-заголовком.
https://secret.club/2023/06/05/spoof-pe-sections.html
secret club
Abusing undocumented features to spoof PE section headers
Introduction Some time ago, I accidentally came across some interesting behaviour in PE files while debugging an unrelated project. I noticed that setting the SectionAlignment value in the NT header to a value lower than the page size (4096) resulted in significant…
The Evolution of Protected Processes – Part 1
link
The Evolution of Protected Processes – Part 2
link
#windows
#threat_hunting
@islemolecule_source
link
The Evolution of Protected Processes – Part 2
link
#windows
#threat_hunting
@islemolecule_source
Microsoft Open Source Code of Conduct
(implement of DNS , AMASI ,....)
LInK
#windows
#win_api
@islemolecule_source
(implement of DNS , AMASI ,....)
LInK
#windows
#win_api
@islemolecule_source
F#ck AMSI! How to bypass Antimalware Scan Interface and infect Windows
https://hackmag.com/security/fck-amsi/
#windows
#malware_dev
@islemolecule_source
https://hackmag.com/security/fck-amsi/
#windows
#malware_dev
@islemolecule_source
The internals of Javanoscript Engine!
https://youtube.com/watch?v=qf1KhBCaWNY
The execution context and stack in Javanoscript!
https://youtube.com/watch?v=3Ywr7MPxBKA
Execution Stack in Chrome: Live Demo!
https://youtube.com/watch?v=-UnIbstX_0A
The what and why of max call stack in Javanoscript!
https://youtube.com/watch?v=qc3aEKrohKc
#javanoscript_internals , #javanoscript_engine
———
@islemolecule_source
https://youtube.com/watch?v=qf1KhBCaWNY
The execution context and stack in Javanoscript!
https://youtube.com/watch?v=3Ywr7MPxBKA
Execution Stack in Chrome: Live Demo!
https://youtube.com/watch?v=-UnIbstX_0A
The what and why of max call stack in Javanoscript!
https://youtube.com/watch?v=qc3aEKrohKc
#javanoscript_internals , #javanoscript_engine
———
@islemolecule_source
Forwarded from VX-SH
azov.7z
10 MB
Forwarded from VX-SH
VT Query -
behaviour:Local\\Kasimir_* AND behaviour:Local\\azov AND tag:64bits AND (behaviour_files:RESTORE_FILES OR behaviour_registry:rdpclient.exe)Flying Under the Radar: Abusing GitHub for Malicious Infrastructure
https://www.recordedfuture.com/flying-under-the-radar-abusing-github-malicious-infrastructure
#c2 ,
———
@islemolecule_source
https://www.recordedfuture.com/flying-under-the-radar-abusing-github-malicious-infrastructure
#c2 ,
———
@islemolecule_source
👍1
Malware repository
https://github.com/cryptwareapps/Malware-Database
#malware_analysis
--------
@islemolecule_source
https://github.com/cryptwareapps/Malware-Database
#malware_analysis
--------
@islemolecule_source
A collection of weggli patterns for C/C++ vulnerability research
https://security.humanativaspa.it/a-collection-of-weggli-patterns-for-c-cpp-vulnerability-research/
———
@islemolecule_source
https://security.humanativaspa.it/a-collection-of-weggli-patterns-for-c-cpp-vulnerability-research/
———
@islemolecule_source