Windows-PE-Definitive-Guide-Chapter-01.pdf
2 MB
Rewrite and Persian translation of the book Windows PE权威指南 by engineer Mahmoudnia, founder of DWORD Academy
@source_byte
#pe #book
🔥4👏4👾3👍1
Forwarded from Cafe Security (Mohammad)
Fuzzer Internals
https://blog.reodus.com/posts/fuzzer-internals-part1/
https://blog.reodus.com/posts/fuzzer-internals-part2/
https://blog.reodus.com/posts/fuzzer-internals-part3/
#fuzzing
👍3
Forwarded from S.E.Book
• NTFS Files Attributes;
• FuncIn;
• Code Cave;
• Stolen Certificate;
• Redirect Antivirus Website Evading Techniques;
• Shortcut Hiding;
• Disabling Antivirus;
• Adding Antivirus Exception;
• Fake Signature;
• Mark-Of-The-Web (MOTW) Bypass;
• Return Address Spoofing;
• Runtime Function Decryption;
• DLL Unhooking;
- How DLL Unhooking Works;
- Unhooking Strategies;
• Evasion Using Direct Syscalls;
- Key Aspects of This Technique;
- Operational Mechanism;
- Featured Windows APIs;
• Unloading Module With FreeLibrary;
- Operational Overview;
- Key Aspects of This Technique;
- Featured Windows APIs;
• References.
#Malware
🔥8👾2❤1
Forwarded from Cafe Security (Mohammad)
The art of Fuzzing: Introduction
https://bushido-sec.com/index.php/2023/06/19/the-art-of-fuzzing/
@cafe_security
Bushido Security
The art of Fuzzing: Introduction. - Bushido Security
This fuzzing introduction covers all the essentials one should know about the art of fuzzing. It explains major concepts and illustrates them with a hands-on exercise the reader can follow. In conclusion, some hints are given on how to hunt for bugs with fuzzing.
❤6👍2
Forwarded from Order of Six Angles
PE-LiteScan (or PELS) is a simple heuristic analyzer for common PE-anomalies, specifically focusing on the detection of packers and protectors. Designed for Windows and Linux.
https://github.com/DosX-dev/PE-LiteScan
GitHub
GitHub - DosX-dev/PE-LiteScan: A simple crossplatform heuristic PE-analyzer
A simple crossplatform heuristic PE-analyzer. Contribute to DosX-dev/PE-LiteScan development by creating an account on GitHub.
❤6👍2
Forwarded from APT
🌀Voidgate
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.
🔗 Source
https://github.com/vxCrypt0r/Voidgate
#av #edr #evasion #hwbp #cpp
👍4🔥3👾3❤🔥1
Source Byte
gargoyle is a technique for hiding all of a program’s executable code in non-executable memory GitHub Link Blog #malware_dev
Bypassing PESieve and Moneta (The "easy" way....?)
It contains several parts.
Implementation of gargoyle
Lockd: This is the main Gargoyle component
sRDI-Master: This has been slightly reworked to provide a free mechanism.
test.profile: This sample profile shows required options to work
ShellcodeRDI.py: This is the altered Python generator with the new sRDI assembly
+ Blog
+ GitHub
#malware_dev
👾5👍2
Post updated:
Part 21 added
Getting started with Event Tracing for Windows in C#
Credit: Alex Khanin
https://medium.com/@alexkhanin/getting-started-with-event-tracing-for-windows-in-c-8d866e8ab5f2
🔥5👍2
Forwarded from Cafe Security (Mohammad)
A_very_quick_look_inside_win32k_rs_REcon_2023_Lightning_Talk.pdf
3.4 MB
👍4❤1
Maybe you have often wanted to get into security but didn't know where to start?
Or you started and gave up after a while?
Or you were looking for a place to grow but couldn't find one?
We are here to help you:
learn in a friendly community
and
keep up your consistency.
And most important of all:
mentors experienced in pentesting and bug hunting
For full details on the terms, get in touch with us. 😉
@adm_sec_hint
🌐@Sec_Hint
🤣3👎2🍾2👍1