Source Byte – Telegram
Source Byte
@sourcebyte
7.75K subscribers
846 photos
73 videos
678 files
1.68K links
هشیار کسی باید کز عشق بپرهیزد
وین طبع که من دارم با عقل نیامیزد
Saadi Shirazi 187
Download Telegram
About
Blog
Apps
Platform
Join
Source Byte
7.75K subscribers
Source Byte
Windows Security Monitoring Scenarios and - Unknown.pdf
6.3 MB
👍4
2.44K views
Source Byte
The Abuse of Exception Handlers
[ Blog ]

#malware_dev #anti_debug
👍6
2.15K views
Source Byte
🤣25😁4🤡4
2.2K views
Source Byte
https://offensive-panda.github.io/ProcessInjectionTechniques/
8👍3❤‍🔥2
2.49K viewsAnastasia 🐞
Source Byte
Taking a Midnight Walk with PEB and Phobos Ransomware
https://github.com/nikhilh-20/nikhilh-20.github.io.git
👍4
2.33K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
Tools & Resources for Cyber Security Operations
infosec.house/

https://github.com/InfosecHouse/InfosecHouse.git
👍4🍾2
2.35K views
Source Byte
Forwarded from OnHex
🔴 قسمت چهارم، این مجموعه آموزشی منتشر شد.

#بدافزار #توسعه_بدافزار #تیم_قرمز

🆔 @onhex_ir
➡️ ALL Link
YouTube
Malware Development - Mythic C2 Agent Development Part 4
Malware Development is not only for shellcode runners, it is also for creating exploits and C2 frameworks. Join me on this stream where we continue the series of Mythic C2 agent development! We are getting closer and closer to the end goal of having a nice…
👍2
2.46K views
Source Byte
Source Byte
Best Active Directory Resources ^ ⌃ ⍰ Just open it Twitter : @zer1t0 ⊞ Attacking Active Directory: 0 to 0.9 ⍰ I think it's enough! LinkedIn: Sean Metcalf His Blog: ⊞ https://adsecurity.org/ His Compony: ⊞ https://www.trimarcsecurity.com/research Mini…
Updated
2.36K views
Source Byte
OMG! You got #r00t!😂
😁20💔6👍3🔥1🤡1
2.61K viewsedited  
Source Byte
🛡️الدرع الأخضر | GREEN ARMOR🛡️
Message
This media is not supported in your browser
VIEW IN TELEGRAM
2.58K views
🍾8👍1
Source Byte
Forwarded from T00ls公开频道 | T00ls.com | 低调求发展,潜心习安全! (T00lsBot)
黑客组织 Twelve 针对俄罗斯实体发动破坏性网络攻击(作者:maojila)

黑客组织 Twelve 针对俄罗斯实体发动破坏性网络攻击
👍51
2.26K views
Source Byte
Forwarded from Infosec Fortress
Maurice's Blog 🐍
A journey through KiUserExceptionDispatcher
I am currently working on an emulation environment similar to Qiling.
Unlike Qiling, it emulates the entire user-space, not just the target application.
As Qiling reimplements all APIs (kernel32, vcruntime, …) outside the emulator, it gains a lot of speed…
A journey through KiUserExceptionDispatcher

🔗 Link

#windows
#reverse
———
🆔 @Infosec_Fortress
👍5
2.29K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
Lateral Movement using the MMC20.Application COM Object
First part

https://enigma0x3.net/2017/01/05/lateral-movement-using-the-mmc20-application-com-object/
👍4
2.21K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
Demystifying Windows Component Object Model (COM)

https://www.221bluestreet.com/offensive-security/windows-components-object-model/demystifying-windows-component-object-model-com
221Bluestreet
Demystifying Windows Component Object Model (COM) | 0xShukruN
🔥3👍2
2.61K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
Process Injection via Component Object Model (COM) IRundown::DoCallback()
From MDSec

https://www.mdsec.co.uk/2022/04/process-injection-via-component-object-model-com-irundowndocallback/

#malware_dev
3👍3
2.61K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾, edited  
Source Byte
Forwarded from 1N73LL1G3NC3
🥤 Pivoting using ZeroTier

🥤 Pivoting using Nebula

Demonstration of pivoting with ZeroTier and Nebula during the post-exploitation process. These tools showcase impressive capabilities such as flexible routing, NAT traversal, and the ability to build tunnels between isolated network segments, granting full access to internal infrastructure.

Thx to my bro @casterbyte
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥7👍5👎1
2.64K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
COM from scratch
PART ONE

[ Code project ]

#com #windows
👍7
2.72K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
Forwarded from CyberSecurityTechnologies (-CST-)
HookChain_new_perspective.pdf
14.4 MB
#Red_Team_Tactics
"HookChain: A new perspective for Bypassing EDR Solutions", 2024.
]-> https://github.com/helviojunior/hookchain
👍42🔥1👏1
2.43K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
Kimsuky Group's new backdoor appeared (HappyDoor)

https://web.archive.org/web/20240626161026/https://asec.ahnlab.com/ko/67128/
🔥3👍2
2.53K viewsAnastasia 🐞
Source Byte
Forwarded from Offensive Xwitter
😈 [ Check Point Research @_CPResearch_ ]

10 years of DLL hijacking - featuring abused executables that shouldn't have existed, exported and malicious DLLs with discount bin "packing." Includes a PoC for app developers to pre-emptively stop hijacking without dealing with a certificate authority.

🔗 https://research.checkpoint.com/2024/10-years-of-dll-hijacking-and-what-we-can-do-to-prevent-10-more/

🐥 [ tweet ]
👍5
2.47K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾
Source Byte
Source Byte
Process Injection via Component Object Model (COM) IRundown::DoCallback() From MDSec https://www.mdsec.co.uk/2022/04/process-injection-via-component-object-model-com-irundowndocallback/ #malware_dev
Injecting Code into Windows Protected Processes using COM, Part 1 and Part 2 by James Forshaw of the Project Zero team prompted an interest in COM internals and, more specifically, the undocumented DoCallback method part of the IRundown interface.
- POC

#COM
👍7
2.59K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾, edited