Forwarded from /mdre/
Notes from the recent OnlyMalware event on "Sryxen Stealer" source code analysis are available on GitHub.
We explore how they steal info for:
- browser cookies, autofill, bookmarks, passwords, history
- socials
- games
- VPNs, wallets, and more.
Please open Telegram to view this post
VIEW IN TELEGRAM
👍3
Cisco IOS XE CVE-2023-20198 and CVE-2023-20273: WebUI Internals, Patch Diffs, and Theory Crafting
https://web.archive.org/web/20231102055645/https://www.horizon3.ai/cisco-ios-xe-cve-2023-20198-theory-crafting/
Cisco IOS XE CVE-2023-20198: Deep Dive and POC
https://web.archive.org/web/20231104121118/https://horizon3.ai/cisco-ios-xe-cve-2023-20198-deep-dive-and-poc/
https://web.archive.org/web/20231102055645/https://www.horizon3.ai/cisco-ios-xe-cve-2023-20198-theory-crafting/
Cisco IOS XE CVE-2023-20198: Deep Dive and POC
https://web.archive.org/web/20231104121118/https://horizon3.ai/cisco-ios-xe-cve-2023-20198-deep-dive-and-poc/
🔥2
Unity of Hacktivist Fronts: Iranian Cyber-Enabled IO Targeting Israel
https://m.youtube.com/watch?v=jQKEYyVB8Pk#
https://m.youtube.com/watch?v=jQKEYyVB8Pk#
👾4❤2👍2
Exploring dsreg Part 1
(I have no idea what i’m doing)
Hello! In this posts series you will join me in my very random research, where I’ll try to RE dsreg.dll and learn its functionalities (:
https://sapirxfed.com/2025/04/28/exploring-dsreg-part-1/
(I have no idea what i’m doing)
Hello! In this posts series you will join me in my very random research, where I’ll try to RE dsreg.dll and learn its functionalities (:
https://sapirxfed.com/2025/04/28/exploring-dsreg-part-1/
👍2
APTSimulator: A powerful APT simulation attack tool
A toolset to make a system look as if it was the victim of an APT attack
A toolset to make a system look as if it was the victim of an APT attack
👍5
Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware
😁6😱2
Forwarded from Infosec Fortress
YouTube
Windows Heap-backed Pool: The Good, the Bad, and the Encoded
For decades, the Windows kernel pool remained the same, using simple structures that were easy to read, parse and search for, but recently this all changed, with a new and complex design that breaks assumptions and exploits, and of course, tools and debugger…
Windows Heap-backed Pool: The Good, the Bad, and the Encoded
📹 Video
#windows
#heap
#conference
———
🆔 @Infosec_Fortress
📹 Video
#windows
#heap
#conference
———
🆔 @Infosec_Fortress
❤3👍1
CRACKEDCANTIL: A MALWARE SYMPHONY DELIVERED
BY CRACKED SOFTWARE; PERFORMED BY LOADERS,
INFOSTEALERS, RANSOMWARE, ET AL.
https://www.virusbulletin.com/uploads/pdf/conference/vb2024/papers/CrackedCantil-a-malware-symphony-delivered-by-cracked-software-performed-by-loaders-infostealers-ransomware-et-al.pdf
[ 00 ] slides
[ 01 ] paper
BY CRACKED SOFTWARE; PERFORMED BY LOADERS,
INFOSTEALERS, RANSOMWARE, ET AL.
https://www.virusbulletin.com/uploads/pdf/conference/vb2024/papers/CrackedCantil-a-malware-symphony-delivered-by-cracked-software-performed-by-loaders-infostealers-ransomware-et-al.pdf
[ 00 ] slides
[ 01 ] paper
👾3
Audio
🔴 این روزها احتمالا خبر اضافه شدن زبان فارسی به NotebookLM رو شندید که امکان ساخت پادکست و خلاصه صوتی رو میده.
برای تستش ارائه ی خانم Valentina Palmiotti با عنوان "The Exploit Development Life Cycle: From Concept to Compromise" در کنفرانس BSides Canberra 2024 رو دادم و نتیجه رو میتونید گوش بدید.
موقعی که خیلی از ما شروع به یادگیری امنیت سایبری کرده بودیم این امکانات نبود، الانم که یادگیری ساده شده، مشکل برق و اینترنت داریم.
#توسعه_اکسپلویت #تیم_قرمز #کشف_آسیب_پذیری #تحقیقات_آسیبپذیری
#exploitdev #vulnerability #redteam #vulnerabilityResearch
🆔 @onhex_ir
➡️ ALL Link
برای تستش ارائه ی خانم Valentina Palmiotti با عنوان "The Exploit Development Life Cycle: From Concept to Compromise" در کنفرانس BSides Canberra 2024 رو دادم و نتیجه رو میتونید گوش بدید.
موقعی که خیلی از ما شروع به یادگیری امنیت سایبری کرده بودیم این امکانات نبود، الانم که یادگیری ساده شده، مشکل برق و اینترنت داریم.
#توسعه_اکسپلویت #تیم_قرمز #کشف_آسیب_پذیری #تحقیقات_آسیبپذیری
#exploitdev #vulnerability #redteam #vulnerabilityResearch
🆔 @onhex_ir
➡️ ALL Link
👍5🤯2😁1
Source Byte
🔴 این روزها احتمالا خبر اضافه شدن زبان فارسی به NotebookLM رو شندید که امکان ساخت پادکست و خلاصه صوتی رو میده. برای تستش ارائه ی خانم Valentina Palmiotti با عنوان "The Exploit Development Life Cycle: From Concept to Compromise" در کنفرانس BSides Canberra…
This media is not supported in your browser
VIEW IN TELEGRAM
👍3
CoffLoader
Introduction
Portable Executable (PE)
Store data in a PE
Reference to functions and variables during execution
Object files
Overview
Coff Loader
BOF or COFF ?
BOF advantages
BOF disadvantage
Hands on : COFF Loader
Blueprint
COFF specification
COFF Header
Sections Header
Navigate into sections
Relocations Table
Absolute and Relative address
Symbol Table
Symbol Table String
Conclusion
Write sections in memory
Perform relocations
Special symbol
Standard symbol relocation
Put things altogether
Run the code
Upgrade
Compatibility with CobaltStrike BOF
CobaltStrike BOF specificities
Add support for beacon internal functions
Format parameters for CobalStrike BOF
Dynamic .got and .bss
Conclusion
Ressources
External contribution
❤3🔥1