NEW BOT Телеграм, страница

👾4👍3

1.83K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾, 20:07

Schools need to stop teaching kids malware is like, 'trojans', and 'worms', etc. It's not 1996 anymore.

New malware types:
- Ransomware
- Loaders
- Information Stealers
- Piles of shit that doesn't work
- RATs

🤣11😁2👾1

1.74K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾, 20:12

Source Byte

Bear C2 is a compilation of C2 noscripts, payloads, and stagers used in simulated attacks by Russian APT groups

Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA and ChaCha to secure communication between the payload and the operator machine.

GitHub

#c2

👍3👾1

1.83K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾, edited 20:19

Source Byte

RedTeam Workshop - Part 3
APT38 attacks simulation

Execution
+ T1059.001 | PowerShell
+ T1059.003 | Windows Command Shell
+ T1059.005 | Visual Basic
+ T1106 | Native API
+ T1053.005 | Scheduled Task
+ T1569.002 | Service Execution
+ T1024.002 | Malicious File
Persistence
+ T1543.003 | Windows Service

https://www.youtube.com/watch?v=XjeIPE4g33s
slides / notes :
https://github.com/soheilsec/RT-workshop-2024

credit : @soheilsec

language : persian

🔥7👎2👾1

1.96K viewsAnastasia 🐞, edited 08:39

Source Byte

Forwarded from APT

⚙️From COM Object Fundamentals To UAC Bypasses

A 25-minute crash course covering Tokens, Privileges, UAC, COM, and ultimately bypassing UAC.

🔗Research:
https://www.youtube.com/watch?v=481SI_HWlLs

🔗Source:
https://github.com/tijme/conferences/tree/master/2024-09%20OrangeCon/code

#windows #com #uac #bypass

YouTube

From COM Object Fundamentals To UAC Bypasses - Tijme Gommers

Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

👍5❤4👎1👾1

1.75K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾, 14:28

Source Byte

Forwarded from SoheilSec (Soheil Hashemi)

RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software
https://www.bleepingcomputer.com/news/security/ransomhub-ransomware-abuses-kaspersky-tdsskiller-to-disable-edr-software/

BleepingComputer

RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software

The RansomHub ransomware gang has been using TDSSKiller, a legitimate tool from Kaspersky, to attempt disabling endpoint detection and response (EDR) services on target systems.

🔥2

1.92K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾, 04:54

Source Byte

Forwarded from Peneter Tools (Soheil Hashemi)

👍6👾2

1.93K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾, 04:54

Source Byte

APT

⚙️From COM Object Fundamentals To UAC Bypasses A 25-minute crash course covering Tokens, Privileges, UAC, COM, and ultimately bypassing UAC. 🔗Research: https://www.youtube.com/watch?v=481SI_HWlLs 🔗Source: https://github.com/tijme/conferences/tree/master/2024…

This media is not supported in your browser

VIEW IN TELEGRAM

👾4👍2

1.98K viewsAnastasia 🐞, 11:33

Source Byte

Forwarded from iCe 𖤍

The changes to the IDAPython API in IDA 9 has broken some plugins and noscripts

Here's how to fix some of these issues:

https://blog.junron.dev/IDAPython%20Research/IDAPython%208%20to%209.html

jro.sg

Porting an IDAPython Plugin to IDA 9

Alternatives for some APIs removed in IDA 9

👍4

2.01K views07:20

Source Byte

2.07K views10:46

Source Byte

Memo230_IranianCyberThreat_ENG_digital.pdf

1.8 MB

Iranian Cyber Threat _ENG_ 2024

#cyber_threat #report #apt

🔥5👍3👾1

3.33K viewsedited 10:46

Source Byte

Iran_Cyber_Final_Full_v2.pdf

752.8 KB

It's for 2018 (EN)

Iran_Cyber_Threat-Final_.pdf

489.4 KB

Iran Cyber Threat Final
به‌ زبان فارسی

👍7🤣3

2.29K views10:53

Source Byte

Attribution of Advanced Persistent Threats

1👍4🐳2

2.27K viewsAnastasia 🐞, 13:01

Source Byte

Analysis of some feature of vmprotect
https://sachiel-archangel.medium.com/analysis-of-vmprotect-0b28c8e47ca5

#protector

👍7😁2

2.04K views06:12

Source Byte

j00ru//vx tech blog
https://j00ru.vexillium.org/articles/

#exp

👍3

1.82K viewsedited 11:27

Source Byte

Orange Tsai

Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!

📌 [ 繁體中文 | English ] Hey there! This is my research on Apache HTTP Server presented at Black Hat USA 2024. Additionally, this research will also be presented at HITCON and OrangeCon. If you’re int

https://blog.orange.tw/posts/2024-08-confusion-attacks-en/

👍5

2.02K viewst a h a, 11:32

Source Byte

0:24

This media is not supported in your browser

VIEW IN TELEGRAM

😂😂😂
https://github.com/JohnHammond/recaptcha-phish

🤣8👍3👾2

2.25K viewsedited 13:33

Source Byte

😂😂😂 https://github.com/JohnHammond/recaptcha-phish

Anatomy of a Lumma Stealer Attack via Fake CAPTCHA Pages - Part 1
https://denwp.com/anatomy-of-a-lumma-stealer/

👍4

2.18K views13:46

Source Byte

Forwarded from Offensive Xwitter

😈 [ Kurosh Dabbagh @_Kudaes_ ]

Somebody asked if you can run a dll directly without rundll32 as you would do with an exe. You just need to remove the IMAGE_FILE_DLL flag from IMAGE_FILE_HEADER->Characteristics, which can be done with the option -e. Don't see much use for it tho ^^

🔗 https://github.com/Kudaes/CustomEntryPoint

🐥 [ tweet ]

👍3❤2

1.85K views12:59

About

Blog

Apps

Platform