Source Byte – Telegram
Source Byte
@sourcebyte
7.74K subscribers
846 photos
73 videos
678 files
1.68K links
هشیار کسی باید کز عشق بپرهیزد
وین طبع که من دارم با عقل نیامیزد
Saadi Shirazi 187
Download Telegram
About
Blog
Apps
Platform
Join
Source Byte
7.74K subscribers
Source Byte
The (Anti-)EDR Compendium
EDR functionality and bypasses in 2024, with focus on undetected shellcode loader.

https://blog.deeb.ch/posts/how-edr-works/
👍3
2.14K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
1.91K viewsAnastasia 🐞
Source Byte
Introduction_to_Computing_Systems_From_Bits_Gates_to_CC++_Beyond.pdf
10.8 MB
🤡1
1.81K viewsAnastasia 🐞
Source Byte
RedTeam Workshop - Part 2
+ Denoscription of the simulation scenario
+ Overview on TTP Explanation
+ why we chose Cobalt Strike CS
+ Simulation of IA Tactics
Initial Access
+ T1189 | Drive by compromise
+ T1566.001 | Spear-Phishing Attachment
Defense Evasion
+ T1027.006 | HTML smuggling


https://www.youtube.com/watch?v=mRl7o7Uq-IE
slides / notes :
https://github.com/soheilsec/RT-workshop-2024

credit : @soheilsec
language : persian
7👍1👾1
1.93K viewsAnastasia 🐞
Source Byte
Forwarded from Infosec Fortress
Windows 10 Segment Heap Internals

#binary
#windows
#internals
———
🆔 @Infosec_Fortress
👍32👾1
1.82K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
Forwarded from Infosec Fortress
us-16-Yason-Windows-10-Segment-Heap-Internals-wp.pdf
1.8 MB
#binary
#windows
#internals
———
🆔 @Infosec_Fortress
👍5👾2
1.89K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
A set of programs for analyzing common vulnerabilities in COM
CICADA8Research
https://github.com/CICADA8-Research/COMThanasia

#windows #com
👍3🔥1👏1👾1
1.68K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾, edited  
Source Byte
Forwarded from Hidden Lock repository
1.79K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
Forwarded from Hidden Lock repository
Cryptography Made Simple.pdf
4.1 MB
👾4👍3
1.83K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
Forwarded from vx-underground
Schools need to stop teaching kids malware is like, 'trojans', and 'worms', etc. It's not 1996 anymore.

New malware types:
- Ransomware
- Loaders
- Information Stealers
- Piles of shit that doesn't work
- RATs
🤣11😁2👾1
1.74K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
Bear C2 is a compilation of C2 noscripts, payloads, and stagers used in simulated attacks by Russian APT groups
Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA and ChaCha to secure communication between the payload and the operator machine.
GitHub

#c2
👍3👾1
1.83K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾, edited  
Source Byte
RedTeam Workshop - Part 3
APT38 attacks simulation
Execution
+ T1059.001 | PowerShell
+ T1059.003 | Windows Command Shell
+ T1059.005 | Visual Basic
+ T1106 | Native API
+ T1053.005 | Scheduled Task
+ T1569.002 | Service Execution
+ T1024.002 | Malicious File
Persistence
+ T1543.003 | Windows Service

https://www.youtube.com/watch?v=XjeIPE4g33s
slides / notes :
https://github.com/soheilsec/RT-workshop-2024

credit : @soheilsec
language : persian
🔥7👎2👾1
1.96K viewsAnastasia 🐞, edited  
Source Byte
Forwarded from APT
⚙️From COM Object Fundamentals To UAC Bypasses

A 25-minute crash course covering Tokens, Privileges, UAC, COM, and ultimately bypassing UAC.

🔗Research:
https://www.youtube.com/watch?v=481SI_HWlLs

🔗Source:
https://github.com/tijme/conferences/tree/master/2024-09%20OrangeCon/code

#windows #com #uac #bypass
YouTube
From COM Object Fundamentals To UAC Bypasses - Tijme Gommers
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.
👍54👎1👾1
1.75K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
Forwarded from SoheilSec (Soheil Hashemi)
RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software
https://www.bleepingcomputer.com/news/security/ransomhub-ransomware-abuses-kaspersky-tdsskiller-to-disable-edr-software/
BleepingComputer
RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software
The RansomHub ransomware gang has been using TDSSKiller, a legitimate tool from Kaspersky, to attempt disabling endpoint detection and response (EDR) services on target systems.
🔥2
1.92K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
Forwarded from Peneter Tools (Soheil Hashemi)
tdsskiller.zip
4.7 MB
tdsskiller.exe
4.8 MB
👍6👾2
1.93K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
APT
⚙️From COM Object Fundamentals To UAC Bypasses A 25-minute crash course covering Tokens, Privileges, UAC, COM, and ultimately bypassing UAC. 🔗Research: https://www.youtube.com/watch?v=481SI_HWlLs 🔗Source: https://github.com/tijme/conferences/tree/master/2024…
This media is not supported in your browser
VIEW IN TELEGRAM
👾4👍2
1.98K viewsAnastasia 🐞
Source Byte
Forwarded from iCe 𖤍
The changes to the IDAPython API in IDA 9 has broken some plugins and noscripts

Here's how to fix some of these issues:

https://blog.junron.dev/IDAPython%20Research/IDAPython%208%20to%209.html
jro.sg
Porting an IDAPython Plugin to IDA 9
Alternatives for some APIs removed in IDA 9
👍4
2.01K views
Source Byte
2.07K views
Source Byte
Memo230_IranianCyberThreat_ENG_digital.pdf
1.8 MB
Iranian Cyber Threat _ENG_ 2024


#cyber_threat #report #apt
🔥5👍3👾1
3.33K viewsedited  
Source Byte
Iran_Cyber_Final_Full_v2.pdf
752.8 KB
It's for 2018 (EN)
Iran_Cyber_Threat-Final_.pdf
489.4 KB
Iran Cyber Threat Final
به‌ زبان فارسی
👍7🤣3
2.29K views