Forwarded from SoheilSec (Soheil Hashemi)
I think this book is very well suited for learning Windows security concepts, and it also helps people whose job is IR.
If you work on a blue team or a red team, add this book to your plan.
👍3👎2
Taking a Midnight Walk with PEB and Phobos Ransomware
https://github.com/nikhilh-20/nikhilh-20.github.io.git
👍4
Tools & Resources for Cyber Security Operations
infosec.house/
https://github.com/InfosecHouse/InfosecHouse.git
👍4🍾2
Forwarded from OnHex
YouTube
Malware Development - Mythic C2 Agent Development Part 4
Malware Development is not only for shellcode runners, it is also for creating exploits and C2 frameworks. Join me on this stream where we continue the series of Mythic C2 agent development! We are getting closer and closer to the end goal of having a nice…
👍2
🛡️الدرع الأخضر | GREEN ARMOR🛡️
🍾8👍1
Forwarded from Infosec Fortress
Maurice's Blog 🐍
A journey through KiUserExceptionDispatcher
I am currently working on an emulation environment similar to Qiling.
Unlike Qiling, it emulates the entire user-space, not just the target application.
As Qiling reimplements all APIs (kernel32, vcruntime, …) outside the emulator, it gains a lot of speed…
👍5
Lateral Movement using the MMC20.Application COM Object
https://enigma0x3.net/2017/01/05/lateral-movement-using-the-mmc20-application-com-object/
First part
👍4
Demystifying Windows Component Object Model (COM)
https://www.221bluestreet.com/offensive-security/windows-components-object-model/demystifying-windows-component-object-model-com
221Bluestreet
Demystifying Windows Component Object Model (COM) | 0xShukruN
🔥3👍2
Process Injection via Component Object Model (COM) IRundown::DoCallback()
https://www.mdsec.co.uk/2022/04/process-injection-via-component-object-model-com-irundowndocallback/
#malware_dev
From MDSec
❤3👍3
Forwarded from 1N73LL1G3NC3
Demonstration of pivoting with ZeroTier and Nebula during the post-exploitation process. These tools showcase impressive capabilities such as flexible routing, NAT traversal, and the ability to build tunnels between isolated network segments, granting full access to internal infrastructure.
Thx to my bro @casterbyte
🔥7👍5👎1
👍7
Forwarded from CyberSecurityTechnologies (-CST-)
HookChain_new_perspective.pdf
14.4 MB
#Red_Team_Tactics
"HookChain: A new perspective for Bypassing EDR Solutions", 2024.
]-> https://github.com/helviojunior/hookchain
👍4❤2🔥1👏1
Kimsuky Group's new backdoor appeared (HappyDoor)
https://web.archive.org/web/20240626161026/https://asec.ahnlab.com/ko/67128/
🔥3👍2