Scorpio_Advanced_Windows_Kernel_Programming_w_Pavel_Yosifovich_2023.rar
543.7 MB
Scorpio-Advanced.Windows.Kernel.Programming.w.Pavel.Yosifovich.(2023)
thanks 4e6571 for sharing
https://scorpiosoftware.net/2023/02/20/windows-kernel-programming-class-recordings/
thanks 4e6571 for sharing
https://scorpiosoftware.net/2023/02/20/windows-kernel-programming-class-recordings/
❤11👍1🔥1🍓1
ICS410 ICS/SCADA Security Essentials 2024
https://learnflakes.net/?p=rss&action=download&tid=55146&pk=666d37941e65bc27c1a86ebf627979332c5ef3ec
https://learnflakes.net/?p=rss&action=download&tid=55146&pk=666d37941e65bc27c1a86ebf627979332c5ef3ec
👏4🔥2
Zero EAT touch way to retrieve function addresses
https://github.com/MzHmO/SymProcAddress
https://github.com/MzHmO/SymProcAddress
👍3
❤5
🔥4
List of callbacks and codes that we can use them to execute shellcode
(Alternative Shellcode Execution Via Callbacks)
https://github.com/aahmad097/AlternativeShellcodeExec
#malware_dev
(Alternative Shellcode Execution Via Callbacks)
https://github.com/aahmad097/AlternativeShellcodeExec
#malware_dev
👍2
Program to Inject a DLL into a process from memory
https://github.com/BlackHat-Ashura/Reflective_DLL_Injection
https://github.com/BlackHat-Ashura/Reflective_DLL_Injection
GitHub
GitHub - BlackHat-Ashura/Reflective_DLL_Injection: Program to Inject a DLL into a process from memory.
Program to Inject a DLL into a process from memory. - BlackHat-Ashura/Reflective_DLL_Injection
❤2
Forwarded from 4e6571
🥰4
NIST Cybersecurity Framework
https://www.youtube.com/playlist?list=PLxC28bkWNxkM1AVwmhF0Xfbs8F-NMox0I
https://www.youtube.com/playlist?list=PLxC28bkWNxkM1AVwmhF0Xfbs8F-NMox0I
❤5
A very good introductory series of articles examining the process of driver development for Windows (NT):
Part 1, part 2,....
(The material is old, but gold)
#windows #drivers
Part 1, part 2,....
(The material is old, but gold)
#windows #drivers
CodeProject
Driver Development Part 1: Introduction to Drivers
This article will go into the basics of creating a simple driver.
👍4👎1
One of the "essential" windows auditing tools, add my other favorites like rpcview, process hacker, sysinternals, ghidra, wireshark xpe viewer, windbg, imhex and visual studio. Get James Forshaw's NtObjectManager thing too, seems useful for parsing MIDL like rpcviewer.
PipeViewer - A Tool That Shows Detailed Information About Named Pipes In Windows
https://github.com/cyberark/PipeViewer
credit : Eviatar Gerzi
#tweet , source
PipeViewer - A Tool That Shows Detailed Information About Named Pipes In Windows
https://github.com/cyberark/PipeViewer
credit : Eviatar Gerzi
#tweet , source
❤7👍2
Forwarded from Волосатый бублик
[ Testing LFI in Windows: How I (never) got a $30000 bounty ]
Another great post by adeadfed!
https://adeadfed.com/posts/testing-lfi-in-windows-how-i-never-got-a-30000-bounty/
Another great post by adeadfed!
https://adeadfed.com/posts/testing-lfi-in-windows-how-i-never-got-a-30000-bounty/
🔥6👍1👎1
if you want to using Function stomping technique you have to know this about windows:
example:
Link
for example Kernel32.dll, a common DLL, might have different addresses in two processes(ASLR), but functions like VirtualAlloc, exported from Kernel32.dll, will have the same address in both processes.
example:
Link
🔥3👏1😁1