Source Byte – Telegram
7.74K subscribers
Sober must be the one who shuns love;
this nature that I have does not mix with reason.
Saadi Shirazi
CrackedCantil: A Malware Symphony Delivered by Cracked Software; Performed by Loaders, Infostealers, Ransomware, et al.

https://www.virusbulletin.com/uploads/pdf/conference/vb2024/papers/CrackedCantil-a-malware-symphony-delivered-by-cracked-software-performed-by-loaders-infostealers-ransomware-et-al.pdf
[ 00 ] slides
[ 01 ] paper
Audio
🔴 These days you have probably heard the news that Persian has been added to NotebookLM, which lets you generate podcasts and audio summaries.

To test it, I gave it Valentina Palmiotti's talk "The Exploit Development Life Cycle: From Concept to Compromise" from the BSides Canberra 2024 conference, and you can listen to the result.

When many of us started learning cyber security, these facilities did not exist; now that learning has become easy, we have electricity and internet problems instead.

#توسعه_اکسپلویت #تیم_قرمز #کشف_آسیب_پذیری #تحقیقات_آسیب‌پذیری
#exploitdev #vulnerability #redteam #vulnerabilityResearch

🆔 @onhex_ir
➡️ ALL Link
CoffLoader
Introduction
Portable Executable (PE)
Store data in a PE
Reference to functions and variables during execution
Object files
Overview
Coff Loader
BOF or COFF?
BOF advantages
BOF disadvantage
Hands on: COFF Loader
Blueprint
COFF specification
COFF Header
Sections Header
Navigate into sections
Relocations Table
Absolute and Relative address
Symbol Table
Symbol Table String
Conclusion
Write sections in memory
Perform relocations
Special symbol
Standard symbol relocation
Put things altogether
Run the code
Upgrade
Compatibility with CobaltStrike BOF
CobaltStrike BOF specificities
Add support for beacon internal functions
Format parameters for CobaltStrike BOF
Dynamic .got and .bss
Conclusion
Resources
External contribution
Forwarded from Sec Note
LoudSunRun
Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven

- Mgeeky implementation
STUXNET AND THE CONSEQUENCES

https://www.langner.com/wp-content/uploads/2017/08/Stuxnet-und-die-Folgen.pdf

Auto-translated versions in the next post.
Decrypt App-Bound encrypted keys in Chrome 127+ using the IElevator COM interface, bypassing path validation and encryption protections.
Fully decrypt App-Bound Encrypted (ABE) cookies, passwords & payment methods from Chromium-based browsers (Chrome, Brave, Edge) — all in user mode, no admin rights required.
If you find this useful, I’d appreciate a coffee: ko-fi
Forwarded from Blue Team Alerts
AMSI-PeParse-Patch
This tool locates AmsiScanBuffer in remote processes by reading PE headers with multiple ReadProcessMemory calls, then extracts function addresses from the export table and patches the function's memory to return "clean" (0) for any scan using VirtualProtectEx and WriteProcessMemory.

EvilBytecode/EvilByte-Remote-AMSI-Bypass: Bypasses AMSI protection through a remote memory patching and parsing technique.

Discuss on Reddit: https://ift.tt/IDKhBrP
@blueteamalerts
Forwarded from OnHex
🔴 The videos of the Black Hat Europe 2024 conference talks have been uploaded to YouTube; if you are interested, have a look.

One of the talks, titled "UNC1860 and The Temple of Oats - Iran's hidden hand in Middle Eastern Networks", is about a hacking group attributed to Iran.

#کنفرانس
#BlackhatEurope2024 #BlackhatEu2024 #Blackhat

🆔 @onhex_ir
➡️ ALL Link
If you remove the first word from the string "hello world", what should the result be? This is the story of how we discovered that the answer could be your root password!

https://lock.cmpxchg8b.com/zenbleed.html