Source Byte
In the simplest terms possible, this registry hive contains the necessary information for Windows to know what to do when you ask it to do something, like to view the contents of a drive, or open a certain type of file, etc. HKEY_CLASSES_ROOT\.avi HKEY_…
The
If a non-administrator user attempts to write to a key under HKCR, and the key already exists under
HKEY_CLASSES_ROOT (HKCR) key in the Windows registry is a merged view of the HKEY_LOCAL_MACHINE\Software\Classes and HKEY_CURRENT_USER\Software\Classes keys. By default, only users with administrator privileges can modify the keys and values under HKCR. If a non-administrator user attempts to write to a key under HKCR, and the key already exists under
HKEY_CURRENT_USER\Software\Classes, the system will store the information there instead of under HKEY_LOCAL_MACHINE\Software\Classes. However, writing directly to HKCR typically requires administrator access because it affects system-wide settings²³.👍7
SyzRetrospector: A Large-Scale Retrospective Study of Syzbot
credit : Ardalan Amiri Sani , Zhiyun Qian
credit : Ardalan Amiri Sani , Zhiyun Qian
❤6
Forwarded from Ralf Hacker Channel (Ralf Hacker)
Аналог
https://github.com/WKL-Sec/FuncAddressPro
#redteam #maldev #evasion
GetProcAddress, но написан на ассемблере. Гуд... https://github.com/WKL-Sec/FuncAddressPro
#redteam #maldev #evasion
GitHub
GitHub - WKL-Sec/FuncAddressPro: A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative…
A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress. - WKL-Sec/FuncAddressPro
👍2
Forwarded from .
Greybeard Qualification - Linux Internals.zip
810.7 MB
Greybeard Qualification - Linux Internals.zip
Linux network internals.zip
1.4 GB
Linux network internals.zip
Linux Kernel Development.zip
1.3 GB
Linux Kernel Development.zip
Linux Device Drivers.zip
431.6 MB
Linux Device Drivers.zip
❤9👍2
JSAC2024_2_3_sasada_hazuru_en.pdf
955.6 KB
Dark Side of VSCode
~ How Attacker Abuse VSCode as RAT ~
~ How Attacker Abuse VSCode as RAT ~
🔥4✍1😐1
winsos-poc: A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.
https://github.com/thiagopeixoto/winsos-poc.git
https://github.com/thiagopeixoto/winsos-poc.git
🔥5
UNDERSTANDING A PAYLOAD’S LIFE
Featuring Meterpreter & other guests
credit : Daniel López Jiménez
videos :
https://www.youtube.com/playlist?list=PLwb6et4T42ww1YrYGuX0KN71cw3ejG5IO
slides :
👇🏻
Featuring Meterpreter & other guests
credit : Daniel López Jiménez
videos :
https://www.youtube.com/playlist?list=PLwb6et4T42ww1YrYGuX0KN71cw3ejG5IO
slides :
👇🏻
❤7🤡2
Donex a new ransomware gang malware technical analysis
https://www.shadowstackre.com/analysis/donex
#malware_analysis
https://www.shadowstackre.com/analysis/donex
#malware_analysis
🔥6
Forwarded from AndroPX (SOS)
This media is not supported in your browser
VIEW IN TELEGRAM
Program in C
🤣21❤1🤔1
Anatomy of Offensive Tool Development
credit : Alex Reid
https://redsiege.com/blog/2024/01/graphstrike-developer/
credit : Alex Reid
https://redsiege.com/blog/2024/01/graphstrike-developer/
👍5💘1
Forwarded from white2hack 📚
Advanced Software Exploitation by Ptrace Security, 2019
In the first half of the course, attendees will use fuzzing, reverse engineering, and source code auditing, to attack a wide variety of applications (e.g. iTunes, Firefox, Vulnserver, etc.) and then use proven exploitation techniques to develop an exploit for one of the VMs (Windows 7, Windows 8.1 and Windows 10).
Then, in the second half of the course, the focus will shift from classic vulnerabilities to more advanced ones. In this section, students will learn how to escape Java sandbox using a type confusion vulnerability, how to circumvent the ASLR without pointer leaks, and how to use precise heap spraying, just to name a few.
By the end of this course, students will know how to find software vulnerabilities using fuzzing, reverse engineering, and source code auditing, and then how to write their own exploits in Python, JavaScript, or Java.
GitHub
About the course
Official page
#education #reverse #coding #python
In the first half of the course, attendees will use fuzzing, reverse engineering, and source code auditing, to attack a wide variety of applications (e.g. iTunes, Firefox, Vulnserver, etc.) and then use proven exploitation techniques to develop an exploit for one of the VMs (Windows 7, Windows 8.1 and Windows 10).
Then, in the second half of the course, the focus will shift from classic vulnerabilities to more advanced ones. In this section, students will learn how to escape Java sandbox using a type confusion vulnerability, how to circumvent the ASLR without pointer leaks, and how to use precise heap spraying, just to name a few.
By the end of this course, students will know how to find software vulnerabilities using fuzzing, reverse engineering, and source code auditing, and then how to write their own exploits in Python, JavaScript, or Java.
GitHub
About the course
Official page
#education #reverse #coding #python
🔥5👍2
Forwarded from white2hack 📚
Advanced Software Exploitation.7z
10.8 MB
Advanced Software Exploitation by Ptrace Security, 2019
🔥5👍1
Rhadamanthys –deep dive into the stealer’s components
https://research.checkpoint.com/2023/rhadamanthys-v0-5-0-a-deep-dive-into-the-stealers-components/
https://research.checkpoint.com/2023/rhadamanthys-v0-5-0-a-deep-dive-into-the-stealers-components/
👍4