Researcher @mrd0x released https://malapi.io, an online catalog of Windows APIs that are commonly used in malware. This is an incredible resource that helps to discern which APIs are worth scrutiny when performing analysis of the IAT.
Documented Windows Persistence Techniques
https://pentestlab.blog/methodologies/red-teaming/persistence
#malware_dev
Gemini won't return C++ coding help if you're under 18 because it "wants to preserve your safety".
It's a joke, don't take it seriously.
Source Byte
Part 5 is coming, don't miss it!!! Part 5 - Intro to C for #Windows: linked list enumeration, #API, and #windows_internals. I don't know if you all are keeping track, this is now 10(!) FREE hours of hands-on training in C from SANS SEC670 author @jon__reiter…
Part 7 is up! Continuing with PE parsing, we'll also explore easy ways to parse attributes and the various flags that Windows uses specific to PE files.
Register here: https://www.sans.org/webcasts/an-intro-to-c-for-windows-part-7/?utm_medium=Social&utm_source=Twitter&utm_content=CM+OO&utm_campaign=PenTest+Webcast
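The malapi.io post above recommends scrutinizing the import table for APIs that malware commonly abuses, and the SANS series above covers PE parsing. What follows is an added example, not code from malapi.io, from SANS, or from any post in this channel: a C program that parses a PE import directory (PE32 and PE32+), translates RVAs through the section table, skips ordinal imports, and counts imported names found on a small watchlist. The watchlist entries and the in-memory sample PE are constructed for the example; they are not taken from malapi.io's catalog.

```c
/* pe_import_audit.c: walk a PE's import directory and flag imported API names found on a
 * malapi.io-style watchlist. Added example; the watchlist and the sample image are constructed
 * here, not taken from malapi.io. Handles PE32/PE32+, ordinal imports and truncated files. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SEC_RVA 0x1000u     /* VirtualAddress of the fixture's single section */
#define SEC_OFF 0x200u      /* PointerToRawData of that section */
#define SAMPLE_LEN 0x400u

/* Bounds-checked little-endian reads. Out-of-range reads return 0, which every table below treats
 * as a terminator, so a truncated or hostile file ends the loops instead of reading past the buffer. */
static uint32_t rd16(const uint8_t *b, size_t n, uint32_t o) { return o + 2 <= n ? b[o] | ((uint32_t)b[o + 1] << 8) : 0; }
static uint32_t rd32(const uint8_t *b, size_t n, uint32_t o) { return o + 4 <= n ? rd16(b, n, o) | (rd16(b, n, o + 2) << 16) : 0; }
/* NUL-terminated string at file offset o, or NULL if it is unmapped or unterminated. */
static const char *cstr_at(const uint8_t *b, size_t n, uint32_t o) {
    return (o && o < n && memchr(b + o, 0, n - o)) ? (const char *)b + o : NULL;
}
/* RVA -> file offset through the section table; 0 means no section backs that RVA. */
static uint32_t rva_to_off(const uint8_t *b, size_t n, uint32_t rva) {
    uint32_t pe = rd32(b, n, 0x3C), nsec = rd16(b, n, pe + 6);
    uint32_t sh = pe + 24 + rd16(b, n, pe + 20);                     /* first IMAGE_SECTION_HEADER */
    for (uint32_t i = 0; i < nsec; i++, sh += 40) {
        uint32_t vsz = rd32(b, n, sh + 8), va = rd32(b, n, sh + 12), raw = rd32(b, n, sh + 20);
        if (rva >= va && rva < va + vsz) return raw + (rva - va);
    }
    return 0;
}

/* Constructed watchlist in the spirit of malapi.io's injection/keylogging/anti-debug categories. */
static const char *WATCHLIST[] = { "VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread",
                                   "GetAsyncKeyState", "IsDebuggerPresent", "SetWindowsHookExA" };

/* Returns how many named imports are on the watchlist, or -1 if b is not a PE image. */
int audit_imports(const uint8_t *b, size_t n, int verbose) {
    if (rd16(b, n, 0) != 0x5A4D) return -1;                          /* "MZ" */
    uint32_t pe = rd32(b, n, 0x3C), opt = pe + 24;
    if (rd32(b, n, pe) != 0x4550) return -1;                          /* "PE\0\0" */
    int pe64 = rd16(b, n, opt) == 0x20B;
    if (rd32(b, n, opt + (pe64 ? 0x6C : 0x5C)) < 2) return 0;         /* no import directory entry */
    uint32_t dir = rd32(b, n, opt + (pe64 ? 0x70 : 0x60) + 8);        /* DataDirectory[1].VirtualAddress */
    int hits = 0;
    for (uint32_t d = rva_to_off(b, n, dir); d; d += 20) {            /* IMAGE_IMPORT_DESCRIPTOR */
        uint32_t oft = rd32(b, n, d), name = rd32(b, n, d + 12), ft = rd32(b, n, d + 16);
        if (!name && !ft) break;                                      /* all-zero terminator */
        const char *dll = cstr_at(b, n, rva_to_off(b, n, name));
        /* Walk OriginalFirstThunk (the lookup table); fall back to the IAT when it is absent. */
        for (uint32_t t = rva_to_off(b, n, oft ? oft : ft); t; t += pe64 ? 8 : 4) {
            uint32_t lo = rd32(b, n, t), hi = pe64 ? rd32(b, n, t + 4) : 0;
            if (!lo && !hi) break;
            if ((pe64 ? hi : lo) & 0x80000000u) continue;             /* by ordinal: no name to match */
            uint32_t hn = rva_to_off(b, n, lo & 0x7FFFFFFFu);         /* IMAGE_IMPORT_BY_NAME */
            const char *fn = cstr_at(b, n, hn ? hn + 2 : 0);          /* skip the 2-byte Hint */
            for (size_t i = 0; fn && i < sizeof WATCHLIST / sizeof *WATCHLIST; i++)
                if (strcmp(fn, WATCHLIST[i]) == 0) {
                    hits++;
                    if (verbose) printf("%-13s %s   <-- watchlist\n", dll ? dll : "?", fn);
                }
        }
    }
    return hits;
}

/* Constructed PE32+ fixture: headers plus one .idata section holding only an import directory.
 * The section maps RVA 0x1000 to file offset 0x200, so the audit must translate RVAs rather
 * than assume an identity mapping. */
static uint8_t img[SAMPLE_LEN];
static uint32_t cur;                                                  /* bump pointer for strings */
static void w32(uint32_t off, uint32_t v) { for (int i = 0; i < 4; i++) img[off + i] = (uint8_t)(v >> 8 * i); }
static uint32_t emit_str(const char *s, int hint) {    /* write s (after a zero Hint word if hint) and return its RVA */
    uint32_t o = hint ? (cur = (cur + 1) & ~1u) : cur;                /* IMAGE_IMPORT_BY_NAME is word-aligned */
    cur = o + (hint ? 2 : 0);                                         /* Hint word left as 0 */
    strcpy((char *)img + cur, s);
    cur += (uint32_t)strlen(s) + 1;
    return SEC_RVA + (o - SEC_OFF);
}
static void add_dll(int idx, uint32_t ilt_rva, const char *dll, const char **fns) {
    uint32_t d = SEC_OFF + 20 * idx, t = SEC_OFF + (ilt_rva - SEC_RVA);
    w32(d, ilt_rva); w32(d + 12, emit_str(dll, 0)); w32(d + 16, ilt_rva); /* FirstThunk aliases the ILT: fine for a fixture */
    for (; *fns; fns++, t += 8) w32(t, emit_str(*fns, 1));                /* high dword stays 0 => import by name */
}
const uint8_t *build_sample(void) {
    static const char *k32[] = { "VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread", NULL };
    static const char *u32[] = { "MessageBoxA", "GetAsyncKeyState", NULL };
    memset(img, 0, sizeof img);
    memcpy(img, "MZ", 2); w32(0x3C, 0x40); memcpy(img + 0x40, "PE\0\0", 4);   /* e_lfanew -> "PE\0\0" */
    img[0x44] = 0x64; img[0x45] = 0x86; img[0x46] = 1;                /* Machine = AMD64, NumberOfSections = 1 */
    img[0x54] = 0xF0; img[0x58] = 0x0B; img[0x59] = 0x02;             /* SizeOfOptionalHeader = 240, Magic = PE32+ */
    w32(0x58 + 0x6C, 16);                                             /* NumberOfRvaAndSizes */
    w32(0x58 + 0x70 + 8, SEC_RVA); w32(0x58 + 0x70 + 12, 60);         /* DataDirectory[IMPORT] = {RVA, size} */
    uint32_t sh = 0x58 + 0xF0;                                        /* IMAGE_SECTION_HEADER for .idata */
    memcpy(img + sh, ".idata", 6);
    w32(sh + 8, 0x200); w32(sh + 12, SEC_RVA); w32(sh + 16, 0x200); w32(sh + 20, SEC_OFF);
    cur = SEC_OFF + 0x80;             /* section layout: descriptors +0x00, ILTs +0x40 and +0x60, strings +0x80 */
    add_dll(0, SEC_RVA + 0x40, "kernel32.dll", k32);
    add_dll(1, SEC_RVA + 0x60, "user32.dll", u32);
    return img;
}

int main(void) { printf("%d watchlisted import(s)\n", audit_imports(build_sample(), SAMPLE_LEN, 1)); return 0; }
```

To audit a real file, read it into a buffer and call audit_imports on it with the file length; because every read is bounds-checked and a zero read acts as a terminator, a truncated or malformed header yields 0 or -1 rather than an out-of-bounds read. The fixture imports VirtualAllocEx, WriteProcessMemory, CreateRemoteThread and GetAsyncKeyState alongside the benign MessageBoxA, so the audit reports four hits.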
Prevention_LOLBins.pdf
"Prevention Strategies for Modern Living Off the Land Usage", 2024.
Bypassing EDRs With EDR-Preloading
https://malwaretech.com/2024/02/bypassing-edrs-with-edr-preload.html
A technical analysis of the APT28's backdoor called OCEANMAP
https://securityscorecard.com/wp-content/uploads/2024/03/Whitepaper-A-technical-analysis-of-the-APT28s-backdoor-called-OCEANMAP.pdf
Tips For Analyzing Delphi Binaries in IDA (Danabot)
https://www.youtube.com/watch?v=04RsqP_P9Ss
Implementation examples of basic rootkit functionality and the basics of kernel driver development
https://www.cyberark.com/resources/threat-research-blog/fantastic-rootkits-and-where-to-find-them-part-1
Forwarded from $ᴘ3ᴅʏʟ1👾
Some resources for Windows kernel programming:
Windows exploit development and Windows kernel resources
00 - Windows rootkits
01 - Windows kernel mitigations
02 - Windows kernel shellcode
03 - Windows kernel exploitation
04 - Windows kernel GDI exploitation
05 - Windows kernel Win32k.sys research
06 - Windows kernel logic bugs
07 - Windows kernel driver development
08 - Windows internals
09 - Advanced Windows debugging
10 - 0days - APT advanced malware research
11 - Video game cheating (kernel mode stuff sometimes)
12 - Hyper-V and VM / sandbox escape
13 - Fuzzing
14 - Windows browser exploitation
15 - Books, certifications and courses
and more :)
- Windows system programming Security
- Windows kernel programming fundamentals
- Windows exploitation
- Live 🔻 Modern Windows kernel exploitation
Articles important for Windows kernel programming and exploitation.
Windows Exploitation Links
https://github.com/r3p3r/nixawk-awesome-windows-exploitation
https://github.com/connormcgarr/Exploit-Development
https://github.com/connormcgarr/Kernel-Exploits
https://github.com/ElliotAlderson51/Exploit-Writeups
https://github.com/rhamaa/Binary-exploit-writeups#windows_stack_overflows
https://github.com/wtsxDev/Exploit-Development
https://www.corelan.be
https://malwareunicorn.org/#/workshops
https://p.ost2.fyi
http://www.securitytube.net
https://ctf101.org/binary-exploitation/overview
Windows Stack Protection I: Assembly Code
http://www.bowneconsultingcontent.com//pub/EH/proj/cloud/ED301c_tkp/ED301c_tkp.htm
Windows Stack Protection II: Exploit Without ASLR
http://www.bowneconsultingcontent.com//pub/EH/proj/cloud/ED302c_tkp/ED302c_tkp.htm
Windows Stack Protection III: Limitations of ASLR
http://www.bowneconsultingcontent.com//pub/EH/proj/cloud/ED303c_tkp/ED303c_tkp.htm
Exploit Development
Ch 6: The Wild World of Windows
https://samsclass.info/127/lec/EDch6.pdf
SEH-Based Stack Overflow Exploit
https://samsclass.info/127/proj/ED319.htm
Exploiting Easy RM to MP3 Converter on Windows with ASLR
https://samsclass.info/127/proj/ED318.htm
Bypassing Browser Memory Protections
https://www.blackhat.com/presentations/bh-usa-08/Sotirov_Dowd/bh08-sotirov-dowd.pdf
The Basics of Exploit Development 1: Win32 Buffer Overflows
https://www.coalfire.com/the-coalfire-blog/the-basics-of-exploit-development
The Basics of Exploit Development 2: SEH Overflows
https://www.coalfire.com/the-coalfire-blog/the-basics-of-exploit-development-2-seh-overflows
The Basics of Exploit Development 3: Egg Hunters
https://www.coalfire.com/the-coalfire-blog/the-basics-of-exploit-development-3-egg-hunters
The Basics of Exploit Development 4: Unicode Overflows
https://www.coalfire.com/the-coalfire-blog/the-basics-of-exploit-development-4-unicode-overfl
The Basics of Exploit Development 5: x86-64 Buffer Overflows
https://www.coalfire.com/the-coalfire-blog/the-basics-of-exploit-development-5-x86-64-buffer
Resources for exploit development:
- roadmap for exploit development
- roadmap for exploit development 2
Resources....
https://github.com/0xZ0F/Z0FCourse_ReverseEngineering
https://crackmes.one
https://www.youtube.com/@pwncollege/videos
https://repo.zenk-security.com/Magazine%20E-book/Hacking-%20The%20Art%20of%20Exploitation%20(2nd%20ed.%202008)%20-%20Erickson.pdf
http://www.phrack.org/issues/49/14.html#article
https://github.com/justinsteven/dostackbufferoverflowgood
https://github.com/FabioBaroni/awesome-exploit-development
https://github.com/CyberSecurityUP/Awesome-Exploit-Development
https://github.com/RPISEC/MBE
https://github.com/hoppersroppers/nightmare
https://github.com/shellphish/how2heap
https://www.youtube.com/watch?v=tMN5N5oid2c
https://dayzerosec.com/blog/2021/02/02/getting-started.html
https://github.com/Tzaoh/pwning
GitHub - FULLSHADE/WindowsExploitationResources: Resources for Windows exploit development