Introducing APT-Hunter : Threat Hunting Tool via Windows Event Log
https://shells.systems/introducing-apt-hunter-threat-hunting-tool-via-windows-event-log/
#tools
https://shells.systems/introducing-apt-hunter-threat-hunting-tool-via-windows-event-log/
#tools
Keylogging in the Windows kernel with undocumented data structures
https://eversinc33.com/posts/kernel-mode-keylogging/
https://eversinc33.com/posts/kernel-mode-keylogging/
Initial Access Operations Part 2: Offensive DevOps
https://www.blackhillsinfosec.com/initial-access-operations-part-2/
https://www.blackhillsinfosec.com/initial-access-operations-part-2/
"Introduction to Reverse Engineering with Ghidra"
https://voidstarsec.com/ghidra.html#:~:text=Introduction%20to%20Reverse%20Engineering%20with%20Ghidra
https://voidstarsec.com/ghidra.html#:~:text=Introduction%20to%20Reverse%20Engineering%20with%20Ghidra
❤1
Reverse engineering of Android Phoenix RAT
Analysis: https://cryptax.medium.com/reverse-engineering-of-android-phoenix-b59693c03bd3
Phoenix overview: https://cryptax.medium.com/android-phoenix-authors-claims-sample-identification-and-trends-f199cbc9901d
Analysis: https://cryptax.medium.com/reverse-engineering-of-android-phoenix-b59693c03bd3
Phoenix overview: https://cryptax.medium.com/android-phoenix-authors-claims-sample-identification-and-trends-f199cbc9901d
ساختار فایل PE
- header
https://mrpythonblog.ir/pe1/
- section
https://mrpythonblog.ir/pe2/
-exports
https://mrpythonblog.ir/pe3/
-imports
https://mrpythonblog.ir/pe4/
-relocation
https://mrpythonblog.ir/pe5/
#pe
@MrPythonBlog
- header
https://mrpythonblog.ir/pe1/
- section
https://mrpythonblog.ir/pe2/
-exports
https://mrpythonblog.ir/pe3/
-imports
https://mrpythonblog.ir/pe4/
-relocation
https://mrpythonblog.ir/pe5/
#pe
@MrPythonBlog
🔥7
Source Byte
ساختار فایل PE - header https://mrpythonblog.ir/pe1/ - section https://mrpythonblog.ir/pe2/ -exports https://mrpythonblog.ir/pe3/ -imports https://mrpythonblog.ir/pe4/ -relocation https://mrpythonblog.ir/pe5/ #pe @MrPythonBlog
Writing pe-parser and explain about its structure
https://0xrick.github.io/win-internals/pe1/
https://0xrick.github.io/categories/#win-internals
#pe
https://0xrick.github.io/win-internals/pe1/
#pe
0xRick's Blog
A dive into the PE file format - Introduction
A dive into the PE file format - Introduction What is this ? This is going to be a series of blog posts covering PE files in depth, it’s going to include a range of different topics, mainly the structure of PE files on disk and the way PE files get mapped…
🔥6👍1
Windows Local Privilege Escalation Cookbook
https://github.com/nickvourd/Windows-Local-Privilege-Escalation-Cookbook
https://github.com/nickvourd/Windows-Local-Privilege-Escalation-Cookbook
Source Byte pinned «ساختار فایل PE - header https://mrpythonblog.ir/pe1/ - section https://mrpythonblog.ir/pe2/ -exports https://mrpythonblog.ir/pe3/ -imports https://mrpythonblog.ir/pe4/ -relocation https://mrpythonblog.ir/pe5/ #pe @MrPythonBlog»
Sark (named after the notorious Tron villain) is an object-oriented noscripting layer written on top of IDAPython. Sark is easy to use and provides tools for writing advanced noscripts and plugins.
https://sark.readthedocs.io/en/latest/
#tools
https://sark.readthedocs.io/en/latest/
#tools
Windows 11 is getting native macOS or Linux-like Sudo command
https://www.windowslatest.com/2024/02/01/first-look-windows-11-is-getting-native-macos-or-linux-like-sudo-command/
Sudo On Windows a Quick Rundown
https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html?m=1
Introducing Sudo for Windows!
https://devblogs.microsoft.com/commandline/introducing-sudo-for-windows/
https://www.windowslatest.com/2024/02/01/first-look-windows-11-is-getting-native-macos-or-linux-like-sudo-command/
Sudo On Windows a Quick Rundown
https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html?m=1
Introducing Sudo for Windows!
https://devblogs.microsoft.com/commandline/introducing-sudo-for-windows/
❤4
There is industry consensus on moving away from C/C++: "Secure by Design: Google’s Perspective on Memory Safety"
TLDR: Rust is not the answer.
https://security.googleblog.com/2024/03/secure-by-design-googles-perspective-on.html?m=1
https://security.googleblog.com/2024/03/secure-by-design-googles-perspective-on.html?m=1
👍5
researcher @ mrd0x released https://malapi.io , an online catalog of Windows APIs that are commonly used in malware. This is an incredible resource that helps to discern which APIs are worth scrutiny when performing analysis of the IAT.
❤🔥6