Source Byte – Telegram
Sober is he who shuns love;
but this nature of mine will not mix with reason.
Saadi Shirazi
vmp-3.5.1.zip
20.2 MB
al-khaser is a PoC "malware" application with good intentions that aims to stress your anti-malware system.

Link


#malware_analysis #malware_dev

-----
@islemolecule_source
This is an unorganized collection of #botnet source code.

Link


#malware_analysis #malware_dev

------
@islemolecule_source
ghost is a lightweight RAT (malware source code).

Link

#malware_analysis #malware_dev


@islemolecule_source
Where to find C malware source code
Reddit
--------
#malware_analysis #malware_dev
--------
@islemolecule_source
Linux process injection: sshd injection for credential harvesting
credits: @_xpn_, @jm33_m0

blog.xpnsec.com/linux-proces…

jm33.me/sshd-injection-and-p…


#process_injection
———
@islemolecule_source
VBA: having fun with macros, overwritten pointers & R/W/X memory
credit: @AdeptsOf0xCC

https://adepts.of0x.cc/vba-hijack-pointers-rwa/

#macro, #VBA, #shellcode
———
@islemolecule_source
Oh, cool! Looks like VT supports logical operators with VTGrep, so you can almost do YARA searches in an indexed (read: fast) way.
e.g.

#tweet
When helping with mquery development I wrote a small converter that takes in a YARA rule and produces a simple byte-based query as output: https://github.com/CERT-Polska/mquery/blob/master/src/lib/yaraparse.py

You could probably modify it a bit to create queries compatible with VT content search.
#tweet
Potential Sliver C2s (239 C2s)
credit: @embee_research

Simple query, based on the "operators" and "multiplayer" certificate values associated with Sliver team servers.

https://search.censys.io/search?

Gist - 43 IPs with 0 VT detections
LINK

Gist - All 239 IPs
LINK
[Infographic] High-level diagram showcasing Microsoft Defender for Cloud’s
https://raw.githubusercontent.com/JadKaraki/M365ZeroTrust/main/Defender%20for%20Cloud%20Diagram.jpg

Credit: Jad Karaki

#windows_defender
———
@islemolecule_source
OSINTBuddy - The Open-Source Alternative to Maltego ! Node graphs, OSINT data mining, and plugins. Connect unstructured and public data for transformative insights.

https://github.com/jerlendds/osintbuddy
Forwarded from Cracking | Reversing
PeStudio_Pro_9.56.7z
821 KB
ER_01.pdf
4.1 MB
#reversing
"Exploiting Reversing (ER) series: Article 01", rev.A, April 2023.

-> ER: article 02 (2024, .pdf):
https://exploitreversing.files.wordpress.com/2024/01/exploit_reversing_02.pdf