Win32 Reverse TCP Shellcode
Credit: Xenofon Vassilakopoulos
Pt1: https://xen0vas.github.io/Win32-Reverse-Shell-Shellcode-part-1-Locating-the-kernelbase-address/
Pt2: https://xen0vas.github.io/Win32-Reverse-Shell-Shellcode-part-2-Locate-the-Export-Directory-Table/
Pt3: https://xen0vas.github.io/Win32-Reverse-Shell-Shellcode-part-3-Constructing-the-reverse-shell-connection/
Code:
https://github.com/xen0vas/Win32-Reverse-TCP-Shellcode.git
#shellcode #asm #winasm
Want to learn how to write shellcode for your specific purpose on Windows?
This is what you need!
Rust for Malware Development
This repository contains the source code of various techniques used by real-world malware authors, red teamers, threat actors, state-sponsored hacking groups, etc. These techniques are well researched and implemented in Rust.
https://github.com/Whitecat18/Rust-for-Malware-Development/tree/main
#rust #maldev
Forwarded from Pwn3rzs
Cobalt Strike 4.9
Download:
https://ponies.cloud/c2/CobaltStrike%204.9%20Cracked%20uCare@Pwn3rzs.7z
Password: 20231004_2218
Full Black client: https://ponies.cloud/c2/CobaltStrike%204.9%20Client%20Only%20Full%20Theme%20uCare@Pwn3rzs.7z
Password: 20231005_2033
Enjoy!
NOTE:
Our releases of Cobalt Strike will always be packed and obfuscated.
Unlike the crack previously shared by the Chinese website, to which we are not linked.
RedTeam Workshop - Part 1
https://www.youtube.com/watch?v=8drwwezrrYU
slides / notes :
https://github.com/soheilsec/RT-workshop-2024
credit : @soheilsec
language : persian
+ What is RedTeam
+ What is APT Group
+ Types of Hackers
+ Why RedTeam Matters
+ The Cost of Data Leakage and Data Breach
+ What is MitreAttack
Analysis of a Caddy Wiper Sample Targeting Ukraine
Credit: Ali Mosajjal
https://blog.n0p.me/2022/03/2022-03-26-caddywiper/
FindFirstFileA
FindNextFileA
CreateFileA
GetFileSize
LocalAlloc
SetFilePointer
WriteFile
LocalFree
CloseHandle
FindClose
The (Anti-)EDR Compendium
EDR functionality and bypasses in 2024, with focus on undetected shellcode loader.
https://blog.deeb.ch/posts/how-edr-works/
RedTeam Workshop - Part 2
https://www.youtube.com/watch?v=mRl7o7Uq-IE
slides / notes :
https://github.com/soheilsec/RT-workshop-2024
credit : @soheilsec
language : persian
+ Description of the simulation scenario
+ Overview on TTP Explanation
+ Why we chose Cobalt Strike (CS)
+ Simulation of IA Tactics
Initial Access
+ T1189 | Drive by compromise
+ T1566.001 | Spear-Phishing Attachment
Defense Evasion
+ T1027.006 | HTML smuggling
A set of programs for analyzing common vulnerabilities in COM
#windows #com
CICADA8Research
https://github.com/CICADA8-Research/COMThanasia
Forwarded from vx-underground
Schools need to stop teaching kids malware is like, 'trojans', and 'worms', etc. It's not 1996 anymore.
New malware types:
- Ransomware
- Loaders
- Information Stealers
- Piles of shit that doesn't work
- RATs
RedTeam Workshop - Part 3
APT38 attacks simulation
https://www.youtube.com/watch?v=XjeIPE4g33s
slides / notes :
https://github.com/soheilsec/RT-workshop-2024
credit : @soheilsec
language : persian
Execution
+ T1059.001 | PowerShell
+ T1059.003 | Windows Command Shell
+ T1059.005 | Visual Basic
+ T1106 | Native API
+ T1053.005 | Scheduled Task
+ T1569.002 | Service Execution
+ T1204.002 | Malicious File
Persistence
+ T1543.003 | Windows Service