Agent Tesla Analysis [Part 1: Unpacking]
https://ryan-weil.github.io/posts/AGENT-TESLA-1/
Deobfuscation of Lumma Stealer
https://ryan-weil.github.io/posts/LUMMA-STEALER/
Dark web threats and dark market predictions for 2025
https://securelist.com/ksb-dark-web-predictions-2025/114966/
Analysis of Cyber Anarchy Squad attacks targeting Russian and Belarusian organizations
https://securelist.com/cyber-anarchy-squad-attacks-with-uncommon-trojans/114990/
1734722992877.pdf
1 MB
Exploring Kernel Callbacks in Windows for Red Teamers / Developers
Forwarded from Infosec Fortress
The Kernel Hacker's Guide to the Galaxy
Automating Exploit Engineering Workflows
H2HC 2024
#binary
#kernel
#exploitation
———
🆔 @Infosec_Fortress
Forwarded from /mdre/
Forwarded from kerable
LSaasDumper.pdf
2 MB
Gave a talk at Offensive Meetup #3
Talked about extracting secrets from LSASS via arbitrary physical memory reads
Here are the slides
Forwarded from Infosec Fortress
Connor McGarr’s Blog
Exploit Development: No Code Execution? No Problem! Living The Age of VBS, HVCI, and Kernel CFG
Dealing with Virtualization-Based Security (VBS), Hypervisor-Protected Code Integrity (HVCI), and Kernel Control Flow Guard (kCFG).
🔗 Link
#binary
#exploitation
#windows
#hvci
———
🆔 @Infosec_Fortress
NanoDump: How I Reinvented SafetyKatz to Dump LSASS with NanoDump
https://xakep.ru/2024/11/13/lsass-nanodump/
Source Byte
WTSRM-SLIDES.pdf
WTSRM - Writing Tiny Small Reliable Malware demo repository for my corresponding talk.
https://github.com/rad9800/WTSRM
Unhooks all Windows Dlls with \KnownDlls\
No CRT dependencies
Small size
Low entropy
Random string encryption key (thus no plaintext strings)
API hashing
Hook detection
Walks around hooks for initial unhooking on ntdll
Forwarded from Infosec Fortress
Happy New Year 2025! Wishing you a year filled with joy, health, and success. 🎉🎄
Forwarded from /mdre/
A primer on writing a credential provider in Windows.
Sequence of calls to a credential provider in Windows.
Forwarded from CyberSecurity Shield (Pouyan Zamani)
SANS SEC 450-Full Course-2023 (1).pdf
74.1 MB