Forwarded from Source Chat (GOJO)
Keylogging in the Windows kernel with undocumented data structures
https://eversinc33.com/posts/kernel-mode-keylogging/
A technique of hiding malicious shellcode via Shannon encoding.
https://github.com/kleiton0x00/Shelltropy.git
Little AV/EDR bypassing lab for training & learning purposes
https://github.com/Xacone/BestEdrOfTheMarket
Name: Serious Cryptography
Requirements: Nothing
Level: Basics and Basis
Author: Jean-Philippe Aumasson
Chapters:
1 - Encryption
2 - Randomness
3 - Cryptographic Security
4 - Block Ciphers
5 - Stream Ciphers
6 - Hash Functions
7 - Keyed Hashing
8 - Authenticated Encryption
9 - Hard Problems
10 - RSA
11 - Diffie-Hellman
12 - Elliptic Curves
13 - TLS
14 - Quantum and Post-Quantum
Vulnerability Management Goes Much Deeper Than Patching
https://www.kolide.com/blog/vulnerability-management-goes-much-deeper-than-patching
What Is Vulnerability Management?
Vulnerability Management For Compliance
Elements of Vulnerability Management
Improving Vulnerability Management With Zero Trust
Vulnerability Management Is a Journey, Not a Destination
Hack.lu 2023: Malware AV evasion tricks by cocomelonc
https://youtu.be/0Xa4E4ZpX2E?si=xbfueQY-gmEYS6lx
His book:
https://news.1rj.ru/str/source_chat/923
Windows-based credential dumper using C++ and MASM x64.
https://github.com/Meowmycks/LetMeowIn
Secure Byte Channel
#Webinar Malware Development Workshop. Speakers: Uriel Kosayev, Pavel Yosifovich | TrainSec.net. What you will learn in the workshop: 1. What is Malware Analysis 2. What is Malware Development 3. The Malware Development Life Cycle 4. Why it's important…
GitHub - zodiacon/MalDevWorkshopWebinar: Demo from the Malware Analysis and Development Webinar
Forwarded from white2hack 📚
Notes ver.1.0 Stuff about IT security that might be good to know by xapax
This is some documentation I have built up over the years. Everything is work in progress; some stuff is years old and might not be relevant. Other stuff is new and not so bad.
Source: GitHub
#useful #defensive #web #hardening
Forwarded from Offensive Xwitter
😈 [ Evan McBroom @mcbroom_evan ]
I just published a blog and tool for the LSA Whisperer work that was presented at the SpecterOps Conference (SOCON) back in March.
If you are interested in getting credentials from LSASS without accessing its memory, check it out!
Blog:
🔗 https://medium.com/specter-ops-posts/lsa-whisperer-20874277ea3b
Tool:
🔗 https://github.com/Meowmycks/LetMeowIn
Crossposted on GH:
🔗 https://gist.github.com/EvanMcBroom/dceb1c7070ee3278eaedd04b42aed279
🐥 [ tweet ]
Forwarded from Reverse Dungeon
YouTube
CppCon 2017: Matt Godbolt “What Has My Compiler Done for Me Lately? Unbolting the Compiler's Lid”
http://CppCon.org
—
Presentation Slides, PDFs, Source Code and other presenter materials are available at: https://github.com/CppCon/CppCon2017
—
In 2012, Matt and a colleague were arguing whether it was efficient to use the then-new-fangled range for. During…
Forwarded from 1N73LL1G3NC3
SymProcAddress
Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)
https://github.com/MzHmO/SymProcAddress
Forwarded from Ralf Hacker Channel (Ralf Hacker)
An analogue:
https://github.com/WKL-Sec/FuncAddressPro
#redteam #maldev #evasion
GetProcAddress, but written in assembly. Good...
GitHub - WKL-Sec/FuncAddressPro: A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
Forwarded from APT
⚙️ MultiDump
This is a post-exploitation tool written in C for dumping and extracting LSASS memory discreetly. MultiDump supports LSASS dumps via ProcDump.exe or Comsvc.dll and offers two modes: a local mode that encrypts and stores the dump file locally, and a remote mode that sends the dump to a handler for decryption and analysis.
🔗 https://github.com/Xre0uS/MultiDump
#lsass #remote #cpp #python
Forwarded from Secure Byte Channel
#Source
D/Invoke Process Hollowing
Implementation of process hollowing shellcode injection using DInvoke.
Using Dynamic Invocation, or D/Invoke, instead of P/Invoke, you can call unmanaged code dynamically.
This article fully covers why D/Invoke was created and how it differs from P/Invoke.
In this repo you can examine a code-injection scenario that uses the Process Hollowing technique.
🦅 Secure Byte Channel | Secure Byte Group
Red team webinar presentation
https://kpmg.pathfactory.com/RedTeamWebinar#page=1
Forwarded from vx-underground
13-year-old Marco Liberale has created a proof-of-concept PasteBin C2 botnet in Go. It is fully cross-platform, working on Windows, Linux, and Mac.
We are very happy to see such a young person contributing to this research space.
Check it out here: https://github.com/marco-liberale/PasteBomb
GitHub - marco-liberale/PasteBomb: PasteBomb C2-less RAT