Forwarded from RedBlueTM Hit (Salver Nicolson)
Game Hacking Cheat Engine Game Hacking Basics.part1.rar
1.9 GB
Forwarded from RedBlueTM Hit (Salver Nicolson)
Game Hacking Cheat Engine Game Hacking Basics.part2.rar
263.6 MB
Forwarded from $ᴘ3ᴅʏʟ1👾
Cheating in Online Games.pdf
7.5 MB
Cheating in Online Games. A Case Study of Bots and Bot-Detection in Browser-Based Multiplayer Games by Erik Wendel, 2012
Techniques Learned from the XZ Backdoor
https://medium.com/@knownsec404team/techniques-learned-from-the-xz-backdoor-74b0a8d45c30
#cve , #CVE_2024_3094
The IFUNC feature of GLIBC
Concealing characters using Radix Tree
Obtaining all dependency information
Hooking Functions from Other Dependency Libraries
https://medium.com/@knownsec404team/techniques-learned-from-the-xz-backdoor-74b0a8d45c30
#cve , #CVE_2024_3094
❤3
pspy is a command line tool designed to snoop on processes without need for root permissions. It allows you to see commands run by other users, cron jobs, etc. as they execute.
https://github.com/DominicBreuker/pspy
#tool
https://github.com/DominicBreuker/pspy
#tool
Embedding encrypted payloads in resource section
Payload
https://ry0dan.github.io/malware%20development/Malware-Development-Crafting-Digital-Chaos-03/
credit : Motawkkel Abdulrhman
#malware_dev
Payload
placement: .rsrc section
Adding a resource to our project
Retrieving payload contents
Locating resource
Loading resource contents
Obtain a pointer
Decrypting the payload
Execution
https://ry0dan.github.io/malware%20development/Malware-Development-Crafting-Digital-Chaos-03/
credit : Motawkkel Abdulrhman
#malware_dev
Forwarded from Ralf Hacker Channel (Ralf Hacker)
Один из подписчиков поделился новым курсом от Sektor7, и был не против отдать его в массы. Это уже третья часть про разработку малвари: Malware Development Advanced Vol.1
Остальные курсы Sector7 тоже есть на канале:
1. RTO: Malware Development Essentials
2. RTO: Windows Persistence
3. RTO: Privilege Escalation in Windows
4. RTO: Malware Development Intermediate
5. RTO: Evasion Windows
#course #malware #redteam #pentest
Остальные курсы Sector7 тоже есть на канале:
1. RTO: Malware Development Essentials
2. RTO: Windows Persistence
3. RTO: Privilege Escalation in Windows
4. RTO: Malware Development Intermediate
5. RTO: Evasion Windows
#course #malware #redteam #pentest
Forwarded from Ralf Hacker Channel (Ralf Hacker)
RTO - Malware Development Advanced Vol. 1.zip
1.5 GB
Active Directory Enumeration for Red Teams
In this post, we will explore how defenders can monitor for suspicious LDAP activity, as well as operational security approaches for red teams conducting LDAP reconnaissance.
credits : Dominic Chell
https://www.mdsec.co.uk/2024/02/active-directory-enumeration-for-red-teams/
you should not miss this blog :)
In this post, we will explore how defenders can monitor for suspicious LDAP activity, as well as operational security approaches for red teams conducting LDAP reconnaissance.
credits : Dominic Chell
https://www.mdsec.co.uk/2024/02/active-directory-enumeration-for-red-teams/
Forwarded from Offensive Xwitter
😈 [ eversinc33 🩸🗡️ @eversinc33 ]
If you are facing an EDR with PEB protection/obf which makes Ldr inaccessible & want to inject shellcode, just pass the VA of LoadLibrary (which is consistent across processes) to the shellcode via egg-hunting from your injector, enabling lib resolution without touching the PEB.
🐥 [ tweet ]
If you are facing an EDR with PEB protection/obf which makes Ldr inaccessible & want to inject shellcode, just pass the VA of LoadLibrary (which is consistent across processes) to the shellcode via egg-hunting from your injector, enabling lib resolution without touching the PEB.
🐥 [ tweet ]
*смешной срач в треде*👍3🔥1
Forwarded from white2hack 📚
System32 Important Files.pdf
33.4 MB
System32 Important Files by Hadess, 2024
Cloud-Based Identity to Exfiltration Attack Part1
As I've divided this blog into two parts, this part focuses on Part 1, examining cloud-based identity attacks leading to successful logins to Outlook activities.
https://github.com/LearningKijo/SecurityResearcher-Note/blob/main/SecurityResearcher-Note-Folder/Day16-CloudId-Exfiltration-AttackReport-Part1.md
As I've divided this blog into two parts, this part focuses on Part 1, examining cloud-based identity attacks leading to successful logins to Outlook activities.
https://github.com/LearningKijo/SecurityResearcher-Note/blob/main/SecurityResearcher-Note-Folder/Day16-CloudId-Exfiltration-AttackReport-Part1.md
👍7
Cloud-Based Identity to Exfiltration Attack Part2
Today, I would like to showcase some detection insights regarding attacks, starting from cloud-based identity attacks and extending to compromised Office 365 environment.
https://github.com/LearningKijo/SecurityResearcher-Note/blob/main/SecurityResearcher-Note-Folder/Day16-CloudId-Exfiltration-AttackReport-Part2.md
Today, I would like to showcase some detection insights regarding attacks, starting from cloud-based identity attacks and extending to compromised Office 365 environment.
https://github.com/LearningKijo/SecurityResearcher-Note/blob/main/SecurityResearcher-Note-Folder/Day16-CloudId-Exfiltration-AttackReport-Part2.md