Documented Windows Persistence Techniques
https://pentestlab.blog/methodologies/red-teaming/persistence
#malware_dev
https://pentestlab.blog/methodologies/red-teaming/persistence
#malware_dev
🔥2
Gemini won't return C++ coding help if you're under 18 because it "wants to preserve your safety".
It's a joke don't take it seriously
👀3👍1
Source Byte
part 5 is coming , don't miss it !!! Part 5 - Intro to C for #Windows Linked list enumeration, #API, and #windows_internls I don't know if you all are keeping track, this is now 10(!) FREE hours of hands-on training in C from SANS SEC670 author @jon__reiter…
Part 7 is up! Continuing with PE parsing we'll also explore easy ways to parse attributes and the various flags that Windows uses specific to PE files
Register here: https://www.sans.org/webcasts/an-intro-to-c-for-windows-part-7/?utm_medium=Social&utm_source=Twitter&utm_content=CM+OO&utm_campaign=PenTest+Webcast
Register here: https://www.sans.org/webcasts/an-intro-to-c-for-windows-part-7/?utm_medium=Social&utm_source=Twitter&utm_content=CM+OO&utm_campaign=PenTest+Webcast
👍4
Prevention_LOLBins.pdf
648.6 KB
"Prevention Strategies for Modern Living Off the Land Usage", 2024.
❤2
Bypassing EDRs With EDR-Preloading
https://malwaretech.com/2024/02/bypassing-edrs-with-edr-preload.html
https://malwaretech.com/2024/02/bypassing-edrs-with-edr-preload.html
❤2
Forwarded from Source Chat
Please open Telegram to view this post
VIEW IN TELEGRAM
Forwarded from Source Chat
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥3
A technical analysis of the APT28's backdoor called OCEANMAP
https://securityscorecard.com/wp-content/uploads/2024/03/Whitepaper-A-technical-analysis-of-the-APT28s-backdoor-called-OCEANMAP.pdf
https://securityscorecard.com/wp-content/uploads/2024/03/Whitepaper-A-technical-analysis-of-the-APT28s-backdoor-called-OCEANMAP.pdf
👍1👏1
Tips For Analyzing Delphi Binaries in IDA (Danabot)
https://www.youtube.com/watch?v=04RsqP_P9Ss
https://www.youtube.com/watch?v=04RsqP_P9Ss
❤3
implementation examples of basic rootkit functionality and the basics of kernel driver development
https://www.cyberark.com/resources/threat-research-blog/fantastic-rootkits-and-where-to-find-them-part-1
https://www.cyberark.com/resources/threat-research-blog/fantastic-rootkits-and-where-to-find-them-part-1
🔥3
Forwarded from $ᴘ3ᴅʏʟ1👾
some Resources for windows kernel programming:
Windows exploit development and windows kernel resources
00 - Windows Rootkits
01 - Windows kernel mitigations
02 - Windows kernel shellcode
03 - Windows kernel exploitation
04 -Windows kernel GDI exploitation
05 - Windows kernel Win32k.sys research
06 - Windows Kernel logic bugs
07 - Windows kernel driver development
08 - Windows internals
09 - Advanced Windows debugging
10 - 0days - APT advanced malware research
11 - Video game cheating (kernel mode stuff sometimes)
12 - Hyper-V and VM / sandbox escape
13 - Fuzzing
14 - Windows browser exploitation
15 - books, certifications and courses
and more :)
- Windows system programming Security
- Windows kernel programming fundamentals
- Windows exploitation
- Live 🔻 Modern Windows kernel exploitation
Article important for windows kernel programming and exploitation.
Windows Exploitation Links
https://github.com/r3p3r/nixawk-awesome-windows-exploitation
https://github.com/connormcgarr/Exploit-Development
https://github.com/connormcgarr/Kernel-Exploits
https://github.com/ElliotAlderson51/Exploit-Writeups
https://github.com/rhamaa/Binary-exploit-writeups#windows_stack_overflows
https://github.com/wtsxDev/Exploit-Development
https://www.corelan.be
https://malwareunicorn.org/#/workshops
https://p.ost2.fyi
http://www.securitytube.net
https://ctf101.org/binary-exploitation/overview
Windows Stack Protection I: Assembly Code
http://www.bowneconsultingcontent.com//pub/EH/proj/cloud/ED301c_tkp/ED301c_tkp.htm
Windows Stack Protection II: Exploit Without ASLR
http://www.bowneconsultingcontent.com//pub/EH/proj/cloud/ED302c_tkp/ED302c_tkp.htm
Windows Stack Protection III: Limitations of ASLR
http://www.bowneconsultingcontent.com//pub/EH/proj/cloud/ED303c_tkp/ED303c_tkp.htm
Exploit Development
Ch 6: The Wild World of Windows
https://samsclass.info/127/lec/EDch6.pdf
SEH-Based Stack Overflow Exploit
https://samsclass.info/127/proj/ED319.htm
Exploiting Easy RM to MP3 Converter on Windows with ASLR
https://samsclass.info/127/proj/ED318.htm
Bypassing Browser Memory Protections
https://www.blackhat.com/presentations/bh-usa-08/Sotirov_Dowd/bh08-sotirov-dowd.pdf
The Basics of Exploit Development 1: Win32 Buffer Overflows
https://www.coalfire.com/the-coalfire-blog/the-basics-of-exploit-development
The Basics of Exploit Development 2: SEH Overflows
https://www.coalfire.com/the-coalfire-blog/the-basics-of-exploit-development-2-seh-overflows
The Basics of Exploit Development 3: Egg Hunters
https://www.coalfire.com/the-coalfire-blog/the-basics-of-exploit-development-3-egg-hunters
The Basics of Exploit Development 4: Unicode Overflows
https://www.coalfire.com/the-coalfire-blog/the-basics-of-exploit-development-4-unicode-overfl
The Basics of Exploit Development 5: x86-64 Buffer Overflows
https://www.coalfire.com/the-coalfire-blog/the-basics-of-exploit-development-5-x86-64-buffer
Resources for Exploit development:-
- roadmap for exploit development
- roadmap for exploit development 2
Resources....
https://github.com/0xZ0F/Z0FCourse_ReverseEngineering
https://crackmes.one
https://www.youtube.com/@pwncollege/videos
https://repo.zenk-security.com/Magazine%20E-book/Hacking-%20The%20Art%20of%20Exploitation%20(2nd%20ed.%202008)%20-%20Erickson.pdf
http://www.phrack.org/issues/49/14.html#article
https://github.com/justinsteven/dostackbufferoverflowgood
https://github.com/FabioBaroni/awesome-exploit-development
https://github.com/CyberSecurityUP/Awesome-Exploit-Development
https://github.com/RPISEC/MBE
https://github.com/hoppersroppers/nightmare
https://github.com/shellphish/how2heap
https://www.youtube.com/watch?v=tMN5N5oid2c
https://dayzerosec.com/blog/2021/02/02/getting-started.html
https://github.com/Tzaoh/pwning
Windows exploit development and windows kernel resources
00 - Windows Rootkits
01 - Windows kernel mitigations
02 - Windows kernel shellcode
03 - Windows kernel exploitation
04 -Windows kernel GDI exploitation
05 - Windows kernel Win32k.sys research
06 - Windows Kernel logic bugs
07 - Windows kernel driver development
08 - Windows internals
09 - Advanced Windows debugging
10 - 0days - APT advanced malware research
11 - Video game cheating (kernel mode stuff sometimes)
12 - Hyper-V and VM / sandbox escape
13 - Fuzzing
14 - Windows browser exploitation
15 - books, certifications and courses
and more :)
- Windows system programming Security
- Windows kernel programming fundamentals
- Windows exploitation
- Live 🔻 Modern Windows kernel exploitation
Article important for windows kernel programming and exploitation.
Windows Exploitation Links
https://github.com/r3p3r/nixawk-awesome-windows-exploitation
https://github.com/connormcgarr/Exploit-Development
https://github.com/connormcgarr/Kernel-Exploits
https://github.com/ElliotAlderson51/Exploit-Writeups
https://github.com/rhamaa/Binary-exploit-writeups#windows_stack_overflows
https://github.com/wtsxDev/Exploit-Development
https://www.corelan.be
https://malwareunicorn.org/#/workshops
https://p.ost2.fyi
http://www.securitytube.net
https://ctf101.org/binary-exploitation/overview
Windows Stack Protection I: Assembly Code
http://www.bowneconsultingcontent.com//pub/EH/proj/cloud/ED301c_tkp/ED301c_tkp.htm
Windows Stack Protection II: Exploit Without ASLR
http://www.bowneconsultingcontent.com//pub/EH/proj/cloud/ED302c_tkp/ED302c_tkp.htm
Windows Stack Protection III: Limitations of ASLR
http://www.bowneconsultingcontent.com//pub/EH/proj/cloud/ED303c_tkp/ED303c_tkp.htm
Exploit Development
Ch 6: The Wild World of Windows
https://samsclass.info/127/lec/EDch6.pdf
SEH-Based Stack Overflow Exploit
https://samsclass.info/127/proj/ED319.htm
Exploiting Easy RM to MP3 Converter on Windows with ASLR
https://samsclass.info/127/proj/ED318.htm
Bypassing Browser Memory Protections
https://www.blackhat.com/presentations/bh-usa-08/Sotirov_Dowd/bh08-sotirov-dowd.pdf
The Basics of Exploit Development 1: Win32 Buffer Overflows
https://www.coalfire.com/the-coalfire-blog/the-basics-of-exploit-development
The Basics of Exploit Development 2: SEH Overflows
https://www.coalfire.com/the-coalfire-blog/the-basics-of-exploit-development-2-seh-overflows
The Basics of Exploit Development 3: Egg Hunters
https://www.coalfire.com/the-coalfire-blog/the-basics-of-exploit-development-3-egg-hunters
The Basics of Exploit Development 4: Unicode Overflows
https://www.coalfire.com/the-coalfire-blog/the-basics-of-exploit-development-4-unicode-overfl
The Basics of Exploit Development 5: x86-64 Buffer Overflows
https://www.coalfire.com/the-coalfire-blog/the-basics-of-exploit-development-5-x86-64-buffer
Resources for Exploit development:-
- roadmap for exploit development
- roadmap for exploit development 2
Resources....
https://github.com/0xZ0F/Z0FCourse_ReverseEngineering
https://crackmes.one
https://www.youtube.com/@pwncollege/videos
https://repo.zenk-security.com/Magazine%20E-book/Hacking-%20The%20Art%20of%20Exploitation%20(2nd%20ed.%202008)%20-%20Erickson.pdf
http://www.phrack.org/issues/49/14.html#article
https://github.com/justinsteven/dostackbufferoverflowgood
https://github.com/FabioBaroni/awesome-exploit-development
https://github.com/CyberSecurityUP/Awesome-Exploit-Development
https://github.com/RPISEC/MBE
https://github.com/hoppersroppers/nightmare
https://github.com/shellphish/how2heap
https://www.youtube.com/watch?v=tMN5N5oid2c
https://dayzerosec.com/blog/2021/02/02/getting-started.html
https://github.com/Tzaoh/pwning
GitHub
GitHub - FULLSHADE/WindowsExploitationResources: Resources for Windows exploit development
Resources for Windows exploit development. Contribute to FULLSHADE/WindowsExploitationResources development by creating an account on GitHub.
❤5🔥3👍2