Name: Windows System Programming
#book
Requirements: C, Windows (structure and etc)
Level: Intermediate to Advanced
Author: Johnson M. Hart
Table of Contents:
1- Getting Started with Windows
2- Using the Windows File System and Character I/O
3- Advanced File and Directory Processing, and the Registry
4- Exception Handling
5- Memory Management, Memory-Mapped Files, and DLLs
6- Process Management
7- Threads and Scheduling
8- Thread Synchronization
9- Locking, Performance, and NT6 Enhancements
10- Advanced Thread Synchronization
11- Interprocess Communication
12- Network Programming with Windows Sockets
13- Windows Services
14- Asynchronous Input/Output and Completion Ports
15- Securing Windows Objects
16- Using the Sample Programs
17- Source Code Portability: Windows, UNIX, and Linux
18- Performance Results
#book
Source Byte
Name: Windows System Programming Requirements: C, Windows (structure and etc) Level: Intermediate to Advanced Author: Johnson M. Hart Table of Contents: 1- Getting Started with Windows 2- Using the Windows File System and Character I/O 3- Advanced File…
Windows_System_Programming_4th_Edition.pdf
9.8 MB
Projects on undocumented windows APIs, a keylogger PoC, and dll injection PoC.
GitHub
Based off of a Defcon workshop
GitHub
US-23-Palmiotti-Boonen-Close-Encounters.pdf
14.9 MB
Close Encounters of the Advanced Persistent Kind
From chompie and fuzzysec
#Conference
Leveraging Rootkits for
Post-Exploitation
From chompie and fuzzysec
#Conference
Synapse Ransomware Technical Analysis
Link
#malware_analysis
Link
rule Synapse_Ransomware_1_0_0
{
meta:
denoscription = "Synapse Ransomware 1.0.0 Stable Version Release - Detection Rule"
author = "CRT"
date = "2024-05-22"
version = "1.0"
malware_type = "ransomware"
strings:
$str1 = "Global\\FSWiper" ascii wide nocase
$str2 = "ZLWP.tmp" ascii wide nocase
$str3 = "Microsoft Primitive Provider" ascii wide nocase
$str4 = "RNG" ascii wide nocase
$str5 = "Synapse" ascii wide nocase
$clsid1 = {11 F8 90 45 3A 1D D0 11 89 1F 00 AA 00 4B 2E 24}
$clsid2 = {98 66 4B 67 92 EE D0 11 AD 71 00 C0 4F D8 FD FF}
$clsid3 = {87 A6 12 DC 7F 73 CF 11 88 4D 00 AA 00 4B 2E 24}
$clsid4 = {74 A6 AC 44 FC E8 D0 11 A0 7C 00 C0 4F B6 88 20}
condition:
all of them
}
#malware_analysis
https://blog.0daylabs.com/2024/05/27/jetbrains-teamcity-auth-bypass/
Diving deep into Jetbrains TeamCity Part 1 - Analysing CVE-2024-23917 leading to Authentication Bypass
Diving deep into Jetbrains TeamCity Part 1 - Analysing CVE-2024-23917 leading to Authentication Bypass
0Daylabs
Diving deep into Jetbrains TeamCity Part 1 - Analysing CVE-2024-23917 leading to Authentication Bypass
This article aims to explore the details of CVE-2024-23917 and explain the process of constructing an exploit leading to Authentication Bypass. This article is only intended for educational purposes for understanding how vulnerabilities occur in real world.
🔥6👍4
Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals
Chrome Browser Exploitation, Part 2: Introduction to Ignition, Sparkplug and JIT Compilation via TurboFan
Chrome Browser Exploitation, Part 3: Analyzing and Exploiting CVE-2018-17463
#cve #Exp #browser
Chrome Browser Exploitation, Part 2: Introduction to Ignition, Sparkplug and JIT Compilation via TurboFan
Chrome Browser Exploitation, Part 3: Analyzing and Exploiting CVE-2018-17463
#cve #Exp #browser
Getting RCE in Chrome with incorrect side effect in the JIT compiler
https://github.blog/2023-09-26-getting-rce-in-chrome-with-incorrect-side-effect-in-the-jit-compiler/
#cve #Exp #browser
In this post, I'll exploit CVE-2023-3420, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
https://github.blog/2023-09-26-getting-rce-in-chrome-with-incorrect-side-effect-in-the-jit-compiler/
#cve #Exp #browser
Getting RCE in Chrome with incomplete object initialization in the Maglev compiler
https://github.blog/2023-10-17-getting-rce-in-chrome-with-incomplete-object-initialization-in-the-maglev-compiler/
#cve #Exp #browser
In this post, I'll exploit CVE-2023-4069, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
https://github.blog/2023-10-17-getting-rce-in-chrome-with-incomplete-object-initialization-in-the-maglev-compiler/
#cve #Exp #browser
👍3
Google Chrome Use After Free vulnerability reported by S4E Team
https://github.com/s4e-lab/CVE-2021-30573-PoC-Google-Chrome
#cve #Exp #browser
https://github.com/s4e-lab/CVE-2021-30573-PoC-Google-Chrome
#cve #Exp #browser
Abusing the SeRelabelPrivilege
https://decoder.cloud/2024/05/30/abusing-the-serelabelprivilege
#malware_dev
that a specific Group Poilcy granted via “User Right Assignments” the SeRelabelPrivilege to the built-in Users group and was applied on several computer accounts.
https://decoder.cloud/2024/05/30/abusing-the-serelabelprivilege
#malware_dev
Forwarded from 1N73LL1G3NC3
CookieKatz
Dump cookies directly from Chrome, Edge, or Msedgewebview2 process memory. Chromium-based browsers load all their cookies from the on-disk cookie database on startup.
The benefits of this approach are:
This solution consists of three projects:
Dump cookies directly from Chrome, Edge, or Msedgewebview2 process memory. Chromium-based browsers load all their cookies from the on-disk cookie database on startup.
The benefits of this approach are:
• Support dumping cookies from Chrome’s Incogntio and Edge’s In-Private processes
• Access cookies of other user’s browsers when running elevated
• Dump cookies from webview processes
• No need to touch on-disk database file
• DPAPI keys not needed to decrypt the cookies
• Parse cookies offline from a minidump file
This solution consists of three projects:
• CookieKatz - PE executable
• CookieKatz-BOF - Beacon Object File version
• CookieKatzMinidump - minidump parser.
Forwarded from 1N73LL1G3NC3
oldboy21.github.io
SWAPPALA: Why Change When You Can Hide?
Hello everyone! It’s been a while, many things happening and not much time for coding. Hard times. Nonetheless I had little time frames for playing with some stuff I would define cool enough to write some lines about it. Last time we talked about Indirect…
Forwarded from کانال بایت امن
This media is not supported in your browser
VIEW IN TELEGRAM
#ShortVideo
How to Deal With Password Protect Video Master (PPVM) Integrity Check
🦅 کانال بایت امن | گروه بایت امن
_
How to Deal With Password Protect Video Master (PPVM) Integrity Check
_
Please open Telegram to view this post
VIEW IN TELEGRAM
❤8
سری مقالات رمزنگاری مقدماتی به زبان ساده از محمد حسن پزشکیان
دید خوبی در این زمینه بهتون خواهد داد
امیدواریم از این سری مقالات در زبان فارسی بیشتر ببینیم
https://virgool.io/b-crypto
🔸 1 بررسی مفاهیم اولیه رمزنگاری
🔸 2 بررسی Encoding and Encryption
🔸 3 بررسی Hash & HMAC
🔸 4 بررسی Password Storage, Salt & Pepper
🔸 5 رمزنگاری متقارن یا Symmetric Encryption
🔸6 رمزنگاری نامتقارن یا Asymmetric Encryption
🔸7 امضا و گواهینامه دیجیتال
🔸8 رمزنگاری سخت افزاری و خطرات دولت ها
🔸9 ریاضیات و شرح کارکرد الگریتم های نامتقارن
🔸10 رمزنگاری منحنی بیضوی یا Elliptic-Curve
🔸11 بررسی امنیت پروتوکول های شبکه
🔸12 بررسی حملات رمزنگاری
🔸13 مرور و جمع بندی
#crypto
دید خوبی در این زمینه بهتون خواهد داد
امیدواریم از این سری مقالات در زبان فارسی بیشتر ببینیم
https://virgool.io/b-crypto
🔸 1 بررسی مفاهیم اولیه رمزنگاری
🔸 2 بررسی Encoding and Encryption
🔸 3 بررسی Hash & HMAC
🔸 4 بررسی Password Storage, Salt & Pepper
🔸 5 رمزنگاری متقارن یا Symmetric Encryption
🔸6 رمزنگاری نامتقارن یا Asymmetric Encryption
🔸7 امضا و گواهینامه دیجیتال
🔸8 رمزنگاری سخت افزاری و خطرات دولت ها
🔸9 ریاضیات و شرح کارکرد الگریتم های نامتقارن
🔸10 رمزنگاری منحنی بیضوی یا Elliptic-Curve
🔸11 بررسی امنیت پروتوکول های شبکه
🔸12 بررسی حملات رمزنگاری
🔸13 مرور و جمع بندی
#crypto
❤6
Source Byte
🦀 | RustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language. https://github.com/joaoviictorti/RustRedOps.git @source_byte #malware_dev #rust
OffensiveGolang is a collection of offensive Go packs inspired by different repositories. Ideas have been taken from OffensiveGoLang and Ben Kurtz's DEFCON 29 talk.
https://github.com/MrTuxx/OffensiveGolang.git
#malware_dev #go
https://github.com/MrTuxx/OffensiveGolang.git
#malware_dev #go
weaponizing Nim for implant development and general offensive operations
https://github.com/byt3bl33d3r/OffensiveNim.git
Interesting Nim libraries
#malware_dev #nim
https://github.com/byt3bl33d3r/OffensiveNim.git
Interesting Nim libraries
https://github.com/dom96/jester
https://github.com/pragmagic/karax
https://github.com/Niminem/Neel
https://github.com/status-im/nim-libp2p
https://github.com/PMunch/libkeepass
https://github.com/def-/nim-syscall
https://github.com/tulayang/asyncdocker
https://github.com/treeform/ws
https://github.com/guzba/zippy
https://github.com/rockcavera/nim-iputils
https://github.com/FedericoCeratto/nim-socks5
https://github.com/CORDEA/backoff
https://github.com/treeform/steganography
https://github.com/miere43/nim-registry
https://github.com/status-im/nim-daemon
#malware_dev #nim