Source Byte – Telegram
Source Byte
@sourcebyte
7.74K subscribers
846 photos
73 videos
678 files
1.68K links
هشیار کسی باید کز عشق بپرهیزد
وین طبع که من دارم با عقل نیامیزد
Saadi Shirazi 187
Download Telegram
About
Blog
Apps
Platform
Join
Source Byte
7.74K subscribers
Source Byte
Forwarded from vx-underground
Schools need to stop teaching kids malware is like, 'trojans', and 'worms', etc. It's not 1996 anymore.

New malware types:
- Ransomware
- Loaders
- Information Stealers
- Piles of shit that doesn't work
- RATs
🤣11😁2👾1
1.74K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
Bear C2 is a compilation of C2 noscripts, payloads, and stagers used in simulated attacks by Russian APT groups
Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA and ChaCha to secure communication between the payload and the operator machine.
GitHub

#c2
👍3👾1
1.83K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾, edited  
Source Byte
RedTeam Workshop - Part 3
APT38 attacks simulation
Execution
+ T1059.001 | PowerShell
+ T1059.003 | Windows Command Shell
+ T1059.005 | Visual Basic
+ T1106 | Native API
+ T1053.005 | Scheduled Task
+ T1569.002 | Service Execution
+ T1024.002 | Malicious File
Persistence
+ T1543.003 | Windows Service

https://www.youtube.com/watch?v=XjeIPE4g33s
slides / notes :
https://github.com/soheilsec/RT-workshop-2024

credit : @soheilsec
language : persian
🔥7👎2👾1
1.96K viewsAnastasia 🐞, edited  
Source Byte
Forwarded from APT
⚙️From COM Object Fundamentals To UAC Bypasses

A 25-minute crash course covering Tokens, Privileges, UAC, COM, and ultimately bypassing UAC.

🔗Research:
https://www.youtube.com/watch?v=481SI_HWlLs

🔗Source:
https://github.com/tijme/conferences/tree/master/2024-09%20OrangeCon/code

#windows #com #uac #bypass
YouTube
From COM Object Fundamentals To UAC Bypasses - Tijme Gommers
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.
👍54👎1👾1
1.75K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
Forwarded from SoheilSec (Soheil Hashemi)
RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software
https://www.bleepingcomputer.com/news/security/ransomhub-ransomware-abuses-kaspersky-tdsskiller-to-disable-edr-software/
BleepingComputer
RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software
The RansomHub ransomware gang has been using TDSSKiller, a legitimate tool from Kaspersky, to attempt disabling endpoint detection and response (EDR) services on target systems.
🔥2
1.92K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
Forwarded from Peneter Tools (Soheil Hashemi)
tdsskiller.zip
4.7 MB
tdsskiller.exe
4.8 MB
👍6👾2
1.93K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
APT
⚙️From COM Object Fundamentals To UAC Bypasses A 25-minute crash course covering Tokens, Privileges, UAC, COM, and ultimately bypassing UAC. 🔗Research: https://www.youtube.com/watch?v=481SI_HWlLs 🔗Source: https://github.com/tijme/conferences/tree/master/2024…
This media is not supported in your browser
VIEW IN TELEGRAM
👾4👍2
1.98K viewsAnastasia 🐞
Source Byte
Forwarded from iCe 𖤍
The changes to the IDAPython API in IDA 9 has broken some plugins and noscripts

Here's how to fix some of these issues:

https://blog.junron.dev/IDAPython%20Research/IDAPython%208%20to%209.html
jro.sg
Porting an IDAPython Plugin to IDA 9
Alternatives for some APIs removed in IDA 9
👍4
2.01K views
Source Byte
2.07K views
Source Byte
Memo230_IranianCyberThreat_ENG_digital.pdf
1.8 MB
Iranian Cyber Threat _ENG_ 2024


#cyber_threat #report #apt
🔥5👍3👾1
3.33K viewsedited  
Source Byte
Iran_Cyber_Final_Full_v2.pdf
752.8 KB
It's for 2018 (EN)
Iran_Cyber_Threat-Final_.pdf
489.4 KB
Iran Cyber Threat Final
به‌ زبان فارسی
👍7🤣3
2.29K views
Source Byte
Source Byte
Attribution of Advanced Persistent Threats
1👍4🐳2
2.27K viewsAnastasia 🐞
Source Byte
Analysis of some feature of vmprotect
https://sachiel-archangel.medium.com/analysis-of-vmprotect-0b28c8e47ca5

#protector
👍7😁2
2.04K views
Source Byte
j00ru//vx tech blog
https://j00ru.vexillium.org/articles/

#exp
👍3
1.82K viewsedited  
Source Byte
Orange Tsai
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
📌 [ 繁體中文 | English ] Hey there! This is my research on Apache HTTP Server presented at Black Hat USA 2024. Additionally, this research will also be presented at HITCON and OrangeCon. If you’re int
https://blog.orange.tw/posts/2024-08-confusion-attacks-en/
👍5
2.02K viewst a h a
Source Byte
This media is not supported in your browser
VIEW IN TELEGRAM
😂😂😂
https://github.com/JohnHammond/recaptcha-phish
🤣8👍3👾2
2.25K viewsedited  
Source Byte
Source Byte
😂😂😂 https://github.com/JohnHammond/recaptcha-phish
Anatomy of a Lumma Stealer Attack via Fake CAPTCHA Pages - Part 1
https://denwp.com/anatomy-of-a-lumma-stealer/
👍4
2.18K views
Source Byte
Forwarded from Offensive Xwitter
😈 [ Kurosh Dabbagh @_Kudaes_ ]

Somebody asked if you can run a dll directly without rundll32 as you would do with an exe. You just need to remove the IMAGE_FILE_DLL flag from IMAGE_FILE_HEADER->Characteristics, which can be done with the option -e. Don't see much use for it tho ^^

🔗 https://github.com/Kudaes/CustomEntryPoint

🐥 [ tweet ]
👍32
1.85K views
Source Byte
CreateSvcRpc
A custom RPC client to execute programs as the SYSTEM user


https://www.x86matthew.com/view_post?id=create_svc_rpc

#RPC
👍11
2.01K viewsedited