Source Byte – Telegram
Only the sober can keep away from love,
and this nature of mine does not mix with reason.
Saadi Shirazi 187
Forwarded from CyberSecurity Shield (Pouyan Zamani)
SANS SEC450-2-Black.pdf
12.2 MB
Forwarded from CyberSecurity Shield (Pouyan Zamani)
Greetings to everyone, and thank you for all your efforts.
Special apologies for the long delay.
Here is the second part of the SCE 450 course, in the same manner as before, for all of you 😁🌹🙏🏻
Injecting Malicious Code into PDF Files and Creating a PDF Dropper

PDF files are often considered static documents by most people. However, the PDF standard allows for the execution of JavaScript code within the document. This feature offers various attack vectors that can be used for Red Team tests and cybersecurity research. In this article, we will examine how to inject JavaScript into a PDF file to download a file from a specific URL and establish a Command and Control (C2) connection using this method.


https://cti.monster/blog/2024/07/25/pdfdropper.html
JonMon.pdf
2.5 MB
Unleashing JonMon:
Deep Insights into Your Windows Activity
By: Jonny Johnson
Deep Sea Phishing

[ 00 ] How to Bypass EDR With Custom Payloads
If endpoint detection and response (EDR) protections keep blocking your phishing payloads, you really should learn how to write custom payloads. If you’ve never written a custom payload, this is a great place to start. If you have some experience with custom payloads, I hope I can at least simplify the way you think about payload design to make it easy and fun.



[ 01 ] Making Your Malware Look Legit to Bypasses EDR
I wanted to write this blog about several good techniques for endpoint detection and response (EDR) evasion; however, as I was writing about how to evade EDRs, I was hit with an epiphany: “EDR evasion is all about looking like legitimate software” — ph3eds, 2024
PowerOfTcb

This directory covers how to use SeTcbPrivilege for educational purposes. SeTcbPrivilege is a multipurpose privilege. A user who has SeTcbPrivilege is able to perform various token manipulations. For example, the following token factor classes can be manipulated with SeTcbPrivilege (but most of them cannot be manipulated for an assigned primary token):

Session ID
Origin
Mandatory Policy
Integrity Level (downgrade operation does not require SeTcbPrivilege)


https://github.com/daem0nc0re/PrivFu/tree/main/PowerOfTcb
😭😭
Windows Process Access Token and user privilege
Privileges are listed and explained at: MSDN

Use the Windows Privileges to elevate your rights within the OS.
Priv2Admin

Understanding and Abusing Process Tokens — Part I
Understanding and Abusing Process Tokens — Part II

Access Tokens

Abusing Tokens

Adjusting Process Token Privileges

Stealing Access Tokens From Office Desktop Applications

#windows #token #internals
Forwarded from Yashar Mahmoudnia
windows-security-internals-deep-dive.pdf
6.3 MB
Windows Security Internals: A Deep Dive into Windows Authentication, Authorization, and Auditing

True PDF - Final
IDA Pro 9.0.zip
463 MB
1. edit license owner and shit to whatever you want
2. place ida/ida64 dll/so/dylib in same dir as noscript
3. run the noscript to generate a license
4. copy the generated license and replace dlls with patched ones
5. run


#ida
Forwarded from Tim
IDA Professional 9.0.zip
416.4 MB
Working crack for IDA 9.0 arm64 macOS. I'll upload x86 macOS and Linux once I wake up again. Just extract and place in your macOS applications folder
Forwarded from Tim
might need to ad-hoc sign the libida64.dylib for it to launch
Forwarded from Tim
screenshot of it on my macbook decompiling an arm64 binary
Forwarded from Jose Coixao
idapro_90_x64win.exe
462.9 MB
Check here if you have any questions:
https://news.1rj.ru/str/ida_pro_chat