Microsoft has observed a subset of Iran-based threat actor Mint Sandstorm (PHOSPHORUS) employing new TTPs to improve initial access, defense evasion, and persistence in campaigns targeting individuals at universities and research orgs.
https://www.microsoft.com/en-us/security/blog/2024/01/17/new-ttps-observed-in-mint-sandstorm-campaign-targeting-high-profile-individuals-at-universities-and-research-orgs/
#TTP, #red_team
———
@islemolecule_source
Elevate process privileges to SYSTEM or TrustedInstaller
Link
#malware_dev
#windows
-------
@islemolecule_source
MikroTik router reverse engineering (SOHO, embedded/IoT devices)
Excellent writeup by @hgarrereyn and @__comedian
https://margin.re/2022/06/pulling-mikrotik-into-the-limelight/
Slides (RECon)
#iot
———
@islemolecule_source
MutationGate is a new approach to bypassing EDR inline hooking by using a hardware breakpoint to redirect the syscall.
https://github.com/senzee1984/MutationGate
#malware_dev
#edr
----
@islemolecule_source
Ghidra Binary Diffing Engine
credit: @clearseclabs
clearbluejar.github.io/posts…
———
@islemolecule_source
Exploring malicious Windows drivers (Part 1): Introduction to the kernel and drivers
https://blog.talosintelligence.com/exploring-malicious-windows-drivers-part-1-introduction-to-the-kernel-and-drivers/
#malware_dev, #windows_internals
———
@islemolecule_source
Forwarded from UnknownHat
BlackCat(ALPHV).zip
1.6 MB
BlackCat Ransomware (ALPHV) Configuration Tool, You Just Need To Understand How This Tool Works
Note - Use RDP For Testing
Source : https://www.varonis.com/blog/blackcat-ransomware
Fuzzer Development: The Soul of a New Machine
credit : @h0mbre_
https://h0mbre.github.io/New_Fuzzer_Project/#
#fuzzer
———
@islemolecule_source
WADComs is an interactive cheat sheet for Windows/AD
https://wadcoms.github.io
#windows #AD
----------
@islemolecule_source
Mastering C++ Programming: Modern C++ 17 at your fingertips
Link
#win_api
-----------
@islemolecule_source
Windows System Programming Fundamentals.7z
447.8 MB
Windows System Programming Fundamentals
Course Overview
>Windows Foundations
>Application Development Basics
>Objects and Handles
#win_api
-----------
@islemolecule_source