The Nightmare of EDR: Storm-0978 Utilizing New Kernel Injection Technique "Step Bear"
https://ti.qianxin.com/blog/articles/The-Nightmare-of-EDR-Storm-0978-Utilizing-New-Kernel-Injection-Technique-Step-Bear-EN/
Forwarded from Hide01
I have no problem. My point is not to make money out of the website. If it earns enough to keep the servers running, that is enough for me. If something leaks out, then it is for everyone to use, and I will not be sad for a single second. Enjoy the material.
https://news.1rj.ru/str/Hide01
My Website: Hide01.ir
Telegram Contact: t.me/Hide01Bot
Email: root@hide01.ir
PGP: pgp.hide01.ir
Jabber: hide01@jabber.calyxinstitute.org
Twitter: twitter.com/H1deZeroOne
Persian Donate: idpay.ir/hide01
Telegram
Hide01
Website: hide01.ir
TG Contact: t.me/Hide01Bot
Email: no-reply@vip.hide01.ir
PGP: pgp.hide01.ir
Twitter: twitter.com/H1deZeroOne
A Deep Dive into V8 Sandbox Escape Technique Used in In-The-Wild Exploit
We were analyzing an in-the-wild V8 vulnerability, CVE-2023-2033. Once we exploited the bug, it was not difficult to get typical exploit primitives such as addrof, read and write in the V8 heap. The problem is that we need to escape the V8 sandbox in order to get code execution.
https://blog.theori.io/a-deep-dive-into-v8-sandbox-escape-technique-used-in-in-the-wild-exploit-d5dcf30681d4
#CVE-2023-2033, #cve_analysis
Asia_24_Yair_magicdot_a_hackers_magic_show_of_disappearing_dots.pdf
3.8 MB
Asia-24-Yair-magicdot-a-hackers-magic-show-of-disappearing-dots-and-spaces.pdf
Forwarded from Soxoj insides
Top SOCMINT tools to investigate and to deanonymize GitHub accounts:
- GitFive from mxrch
- Octosuite from rly0heart (Bellingcat)
- Gitcolombo from soxoj
- Zen from s0md3v
- Map of GitHub from anvaka
- Dorks and secret search for cybersec
👉 Read more: https://sowel.soxoj.com/check-commits
#github #community
Trace processing pipeline
https://github.com/SeanHeelan/otel-profiling-agent/blob/main/README.md#trace-processing-pipeline
Forwarded from CyberSecurityTechnologies (-CST-)
#exploit
1. Windows 11 24H2 NT Exploit
https://github.com/exploits-forsale/24h2-nt-exploit
2. CVE-2024-29417:
Unauth privilege escalation in Horacius
https://blog.pridesec.com.br/en/horacius-unauthenticated-privilege-escalation
System Programming Roadmap
https://github.com/ujjwal-kr/system-programming-roadmap
System Programming Languages
Computer Architecture
Assembly
Compilers
Exploitation
Browser Hacking
Malware
OS Fundamentals
VM internals
Repository created to share information about tactics, techniques and procedures used by threat actors. Initially with ransomware groups and evolving to other types of threats.
https://github.com/crocodyli/ThreatActors-TTPs.git
RIFT: Analysing a Lazarus Shellcode Execution Method NCC Group Research
Shellcode Execution via EnumSystemLocalA
https://blog.securehat.co.uk/process-injection/shellcode-execution-via-enumsystemlocala
[ Ref ]
This post covers a shellcode execution technique that leverages the UuidFromStringA and EnumSystemLocalA APIs to load and execute shellcode.
Zloader has reintroduced an anti-analysis feature similar to one that was present in the original ZeuS 2.x code. The feature restricts Zloader’s binary execution to the infected machine.
[ zscaler ]
[+] Technical analysis
#malware_analysis
Source Byte
BlackHat - Android UserLand Fuzzing and Exploitation Full Course https://news.1rj.ru/str/boost/Source_byte
Thanks for your boosts❤️