by the way 4.5 decompiled u can recompile if u have skill u can patch the beacon xss rce bug

Locating kernel32 in base address in shellcode writing

Link1

Link2

Linux is not a secure operating system

Linux being secure is a common misconception in the security and privacy realm. Linux is thought to be secure primarily because of its source model, popular usage in servers, small userbase and confusion about its security features. This article is intended to debunk these misunderstandings by demonstrating the lack of various, important security mechanisms found in other desktop operating systems and identifying critical security problems within Linux's security model, across both user space and the kernel. Overall, other operating systems have a much stronger focus on security and have made many innovations in defensive security technologies, whereas Linux has fallen far behind.

https://madaidans-insecurities.github.io/linux.html

credit : madaidan
a security researcher who works on various open source projects, mainly Whonix.

#hardening ,
———
@islemolecule_source

bypassing-av.pdf

Depend on pe file format

Abusing undocumented features to spoof PE section headers by x86matthew

https://secret.club/2023/06/05/spoof-pe-sections.html

Execute shellcode via python
(Ctypes module)

https://youtu.be/n-nU2jCK5-c?si=JN3P8yu6M2_2wdwA

#reversing
Reversing Windows Container
Part 1 - Silo:
https://blog.quarkslab.com/reversing-windows-container-episode-i-silo.html
Part 2 - Silo to Server Silo:
https://blog.quarkslab.com/reversing-windows-container-part-ii-silo-to-server-silo.html

‘Lavender’: The AI machine directing Israel’s bombing spree in Gaza

The Israeli army has marked tens of thousands of Gazans as suspects for assassination, using an AI targeting system with little human oversight and a permissive policy for casualties, +972 and Local Call reveal.

https://www.972mag.com/lavender-ai-israeli-army-gaza/

Mind blowing, they give a list to AI then it decides who is going to die 😐

Dump lsass using only Native APIs

https://github.com/ricardojoserf/NativeDump

A curated list of resources (books, tutorials, courses, tools and vulnerable applications) for learning about Exploit Development

https://github.com/FabioBaroni/awesome-exploit-development

A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.


https://github.com/secfigo/Awesome-Fuzzing

Fuzzer Development 2: Sandboxing Syscalls

https://h0mbre.github.io/Lucid_Context_Switching/#

#part_2

OSED Notes: (Offensive Security Exploit Developer) by Zeyad Azima, 2024

Source
GitHub
Twitter

#pentest #useful #exam #celebrery

" The architecture of SAST tools: An explainer for developers "
More developers will have to fix security issues in the age of shifting left. Here, we break down how SAST tools can help them find and address vulnerabilities.

+Automate source code scanning.
+Expand vulnerability detection.
+Assist with manual code reviews.
+Software composition analysis (SCA)
+Dynamic application security testing (DAST)
+Interactive application security testing (IAST)

https://github.blog/2024-02-12-the-architecture-of-sast-tools-an-explainer-for-developers/

#devops
———
@islemolecule_source

یه مقاله درجه یک درباره container networking

How Container Networking Works: a Docker Bridge Network From Scratch
https://labs.iximiuz.com/tutorials/container-networking-from-scratch

@gocasts

Tons of trainings out there for implant dev now as of just last year even.

- Pavel has his own

https://training.trainsec.net/malware-analysis-and-development-workshop

- there’s Maldev Academy which is great
- there’s ODT from a Microsoft dude

https://courses.ask-academy.live/courses/offensive-development-and-tradecraft

- SANS has an implant dev course

https://www.sans.org/cyber-security-courses/red-team-operations-developing-custom-tools-windows/

- CodeMachine had some but I don’t think they are public offerings anymore
- Paranoid Ninja BRC4 author had some



#malware_dev

DLL Proxying using forwards with absolute paths
https://github.com/mrexodia/perfect-dll-proxy