Rust for Malware Development
This repository contains the source code of various techniques used by real-world malware authors, red teamers, threat actors, state-sponsored hacking groups, etc. These techniques are well researched and implemented in Rust.
https://github.com/Whitecat18/Rust-for-Malware-Development/tree/main
#rust #maldev
Forwarded from Pwn3rzs
Cobalt Strike 4.9
NOTE:
Our releases of Cobalt Strike will always be packed and obfuscated.
Unlike the crack previously shared by the Chinese website, to which we are not linked.
Download:
https://ponies.cloud/c2/CobaltStrike%204.9%20Cracked%20uCare@Pwn3rzs.7z
Password: 20231004_2218
Full Black client: https://ponies.cloud/c2/CobaltStrike%204.9%20Client%20Only%20Full%20Theme%20uCare@Pwn3rzs.7z
Password: 20231005_2033
Enjoy!
RedTeam Workshop - Part 1
https://www.youtube.com/watch?v=8drwwezrrYU
slides / notes :
https://github.com/soheilsec/RT-workshop-2024
credit : @soheilsec
language : persian
+ What is RedTeam
+ What is APT Group
+ Types of Hackers
+ Why RedTeam Matters
+ The Cost of Data Leakage and Data Breach
+ What is MitreAttack
Analysis of a Caddy Wiper Sample Targeting Ukraine
Credit: Ali Mosajjal
https://blog.n0p.me/2022/03/2022-03-26-caddywiper/
FindFirstFileA
FindNextFileA
CreateFileA
GetFileSize
LocalAlloc
SetFilePointer
WriteFile
LocalFree
CloseHandle
FindClose
The (Anti-)EDR Compendium
EDR functionality and bypasses in 2024, with a focus on undetected shellcode loaders.
https://blog.deeb.ch/posts/how-edr-works/
RedTeam Workshop - Part 2
https://www.youtube.com/watch?v=mRl7o7Uq-IE
slides / notes :
https://github.com/soheilsec/RT-workshop-2024
credit : @soheilsec
language : persian
+ Description of the simulation scenario
+ Overview of the TTP explanation
+ Why we chose Cobalt Strike (CS)
+ Simulation of Initial Access (IA) tactics
Initial Access
+ T1189 | Drive by compromise
+ T1566.001 | Spear-Phishing Attachment
Defense Evasion
+ T1027.006 | HTML smuggling
A set of programs for analyzing common vulnerabilities in COM
#windows #com
CICADA8Research
https://github.com/CICADA8-Research/COMThanasia
Forwarded from vx-underground
Schools need to stop teaching kids malware is like, 'trojans', and 'worms', etc. It's not 1996 anymore.
New malware types:
- Ransomware
- Loaders
- Information Stealers
- Piles of shit that doesn't work
- RATs
RedTeam Workshop - Part 3
APT38 attacks simulation
https://www.youtube.com/watch?v=XjeIPE4g33s
slides / notes :
https://github.com/soheilsec/RT-workshop-2024
credit : @soheilsec
language : persian
Execution
+ T1059.001 | PowerShell
+ T1059.003 | Windows Command Shell
+ T1059.005 | Visual Basic
+ T1106 | Native API
+ T1053.005 | Scheduled Task
+ T1569.002 | Service Execution
+ T1024.002 | Malicious File
Persistence
+ T1543.003 | Windows Service
Forwarded from APT
⚙️From COM Object Fundamentals To UAC Bypasses
A 25-minute crash course covering Tokens, Privileges, UAC, COM, and ultimately bypassing UAC.
🔗Research:
https://www.youtube.com/watch?v=481SI_HWlLs
🔗Source:
https://github.com/tijme/conferences/tree/master/2024-09%20OrangeCon/code
#windows #com #uac #bypass
From COM Object Fundamentals To UAC Bypasses - Tijme Gommers
Forwarded from SoheilSec (Soheil Hashemi)
RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software
https://www.bleepingcomputer.com/news/security/ransomhub-ransomware-abuses-kaspersky-tdsskiller-to-disable-edr-software/
The RansomHub ransomware gang has been using TDSSKiller, a legitimate tool from Kaspersky, to attempt disabling endpoint detection and response (EDR) services on target systems.
Forwarded from Peneter Tools (Soheil Hashemi)