Source Byte
PE file structure
- header https://mrpythonblog.ir/pe1/
- section https://mrpythonblog.ir/pe2/
- exports https://mrpythonblog.ir/pe3/
- imports https://mrpythonblog.ir/pe4/
- relocation https://mrpythonblog.ir/pe5/
#pe @MrPythonBlog
Writing a PE parser and explaining its structure
https://0xrick.github.io/win-internals/pe1/
https://0xrick.github.io/categories/#win-internals
#pe
0xRick's Blog
A dive into the PE file format - Introduction
What is this? This is going to be a series of blog posts covering PE files in depth, it’s going to include a range of different topics, mainly the structure of PE files on disk and the way PE files get mapped…
Windows Local Privilege Escalation Cookbook
https://github.com/nickvourd/Windows-Local-Privilege-Escalation-Cookbook
Sark (named after the notorious Tron villain) is an object-oriented scripting layer written on top of IDAPython. Sark is easy to use and provides tools for writing advanced scripts and plugins.
https://sark.readthedocs.io/en/latest/
#tools
Windows 11 is getting native macOS or Linux-like Sudo command
https://www.windowslatest.com/2024/02/01/first-look-windows-11-is-getting-native-macos-or-linux-like-sudo-command/
Sudo On Windows a Quick Rundown
https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html?m=1
Introducing Sudo for Windows!
https://devblogs.microsoft.com/commandline/introducing-sudo-for-windows/
There is industry consensus on moving away from C/C++: "Secure by Design: Google’s Perspective on Memory Safety"
TLDR: Rust is not the answer.
https://security.googleblog.com/2024/03/secure-by-design-googles-perspective-on.html?m=1
Researcher @mrd0x released https://malapi.io, an online catalog of Windows APIs that are commonly used in malware. This is an incredible resource that helps to discern which APIs are worth scrutiny when performing analysis of the IAT.
Documented Windows Persistence Techniques
https://pentestlab.blog/methodologies/red-teaming/persistence
#malware_dev
Gemini won't return C++ coding help if you're under 18 because it "wants to preserve your safety".
It's a joke, don't take it seriously.
Source Byte
Part 5 is coming, don't miss it!!! Part 5 - Intro to C for #Windows Linked list enumeration, #API, and #windows_internls I don't know if you all are keeping track, this is now 10(!) FREE hours of hands-on training in C from SANS SEC670 author @jon__reiter…
Part 7 is up! Continuing with PE parsing we'll also explore easy ways to parse attributes and the various flags that Windows uses specific to PE files
Register here: https://www.sans.org/webcasts/an-intro-to-c-for-windows-part-7/?utm_medium=Social&utm_source=Twitter&utm_content=CM+OO&utm_campaign=PenTest+Webcast
Prevention_LOLBins.pdf
648.6 KB
"Prevention Strategies for Modern Living Off the Land Usage", 2024.