Source Byte
Part 7 is up! Continuing with PE parsing we'll also explore easy ways to parse attributes and the various flags that Windows uses specific to PE files Register here: https://www.sans.org/webcasts/an-intro-to-c-for-windows-part-7/?utm_medium=Social&utm…
An Intro to C for Windows - Part 8
https://www.sans.org/webcasts/an-intro-to-c-for-windows-part-8/
credit : Jonathan Reiter
Threads, stacks, and heaps! Part 8 will take a look at using Windows APIs to create threads, heaps, and using a debugger to view stacks. We will also talk about some of the myths around stack growth versus stack usage.
https://www.sans.org/webcasts/an-intro-to-c-for-windows-part-8/
credit : Jonathan Reiter
Forwarded from white2hack 📚
Designing Secure Software: A Guide for Developers, Loren Kohnfelder, 2021
The book begins with a discussion of core concepts like trust, threats, mitigation, secure design patterns, and cryptography.
The second part, perhaps this book’s most unique and important contribution to the field, covers the process of designing and reviewing a software design with security considerations in mind.
The final section details the most common coding flaws that create vulnerabilities, making copious use of code snippets written in C and Python to illustrate implementation vulnerabilities.
Official page
#book #coding #Python
The book begins with a discussion of core concepts like trust, threats, mitigation, secure design patterns, and cryptography.
The second part, perhaps this book’s most unique and important contribution to the field, covers the process of designing and reviewing a software design with security considerations in mind.
The final section details the most common coding flaws that create vulnerabilities, making copious use of code snippets written in C and Python to illustrate implementation vulnerabilities.
Official page
#book #coding #Python
👍1
Forwarded from white2hack 📚
Designing_Secure_Software_A_Guide_for_Developers_2021.pdf
9.2 MB
Designing Secure Software: A Guide for Developers , Loren Kohnfelder, 2021
Dumping Stored Credentials with SeTrustedCredmanAccessPrivilege
[ Dump creds ]
#windows
#malware_dev
#creds
[ Dump creds ]
#windows
#malware_dev
#creds
A Trip Down Memory Lane
Antivirus evasion has quickly become one of the most overwritten topics, with endless articles on writing shellcode loaders and other evasive stageless droppers.
https://gatari.dev/posts/a-trip-down-memory-lane/
credit : @gatariee
#AV , #red_team
Antivirus evasion has quickly become one of the most overwritten topics, with endless articles on writing shellcode loaders and other evasive stageless droppers.
https://gatari.dev/posts/a-trip-down-memory-lane/
credit : @gatariee
#AV , #red_team
book.pdf
8.7 MB
https://toc.cryptobook.us/book.pdf
#book
#cryptography
A Graduate Course in
Applied Cryptography
By Dan Boneh and Victor Shoup
#book
#cryptography
❤4👍1
This is a repository with sample malduck🦆 config extraction modules. By utilizing them you should be able to extract embedded configuration from unpacked malware samples of: njrat, remcos, revil, graphicalproton
[ GitHub ]
#malware_analysis
[ GitHub ]
#malware_analysis
Portable, simple and fast installer for Visual Studio Build Tools.
https://github.com/Data-Oriented-House/PortableBuildTools
Downloads standalone 64-bit MSVC compiler, linker & other tools, also headers/libraries from Windows SDK, into a portable folder, without installing Visual Studio.
https://github.com/Data-Oriented-House/PortableBuildTools
Hijacking Antivirus Updates for Distributing Backdoors and Casual Mining
https://decoded.avast.io/janrubin/guptiminer-hijacking-antivirus-updates-for-distributing-backdoors-and-casual-mining/#storing-payloads-in-registry
#AV , #GuptiMiner
https://decoded.avast.io/janrubin/guptiminer-hijacking-antivirus-updates-for-distributing-backdoors-and-casual-mining/#storing-payloads-in-registry
#AV , #GuptiMiner
👍2