Top C&C Methods From Reza Rashidi
✓ redteamrecipe

#c2 #post

Havoc C2 (Analysis)

⎚ Havoc Across the Cyberspace loader, dll, etc...

⎚ Defense against Havoc

⎚ Havoc C2 AV/EDR Bypass Methods Part 1 Part 2

⎚ test out the Sleep Obfuscation and also how write that

The post will be updated...

#C2

#Full_Course #SEC511 #Persian

Evasive Malware

#book #malware_dev

🔑 RockYou2024: 10 billion passwords leaked in the largest compilation of all time

Researchers discovered what appears to be the largest password compilation with a staggering 9,948,575,739 unique plaintext password

🔗 Source:
https://cybernews.com/security/rockyou2024-largest-password-compilation-leak/

🔗 Source archive:
https://fastupload.io/1824d409732f30be

#wordlist #rockyou #passwords

Research into removing strings & API call references at compile-time (Anti-Analysis)
GitHub

An example in C/C++ of how we can remove static string & function call references by using obfuscation paired with runtime function pointers. As a result, static analysis using tools such as IDA or x64Dbg increases in time/difficulty. You may be able to hide specific API calls from anti-malware systems. On the other hand, some AVs might also flag this behavior as being malicious due to there being a lack of "real looking behavior" in the binary.

#malware_dev #evasion

CBS - Custom Breakpoint Setter
This is an IDA Plugin powered by Python that sets a disabled breakpoint on specific instruction's mnemonic.

credit : AmirMohammad Jahangirzad

https://github.com/Reodus/CBS