Heap exploit series by Ch0pin
۱− infosecwriteups.com/the-todd…
۲− infosecwriteups.com/the-todd…
۳− infosecwriteups.com/the-todd…
۴− infosecwriteups.com/the-todd…
۵− infosecwriteups.com/the-todd…
۶− infosecwriteups.com/the-todd…
۷− infosecwriteups.com/the-todd…
۸− infosecwriteups.com/the-todd…
۹− infosecwriteups.com/the-todd…


#heap , #exploitation

IDA Pro 8.3 installer
(Was find on virus total)
(it's password protected)
Source : pwn3rzs

Wait for them to leak it😕🫶

https://news.1rj.ru/str/source_chat/1504

Persistence – Windows Telemetry

pentestlab.blog/2023/11/06/p…

Kernel mode WinDbg extension and PoCs for token privilege investigation. github.com/daem0nc0re/PrivFu

Google Calendar RAT is a PoC of Command&Control over Google Calendar Event
github.com/MrSaighnal/GCR-Go…


#c2

Another approach of Threadless injection discovered by EthicalChaos in c that loads a module into the target process and stomps it, and reverting back memory protections and original memory state
github.com/TheD1rkMtr/D1rkIn…

A Beginner’s Guide to Adversary Emulation with Caldera
blog.nviso.eu/2023/08/25/a-b…

در این پلی لیست یوتیوب هم به ایمولیت رد تیم پرداخته شده (فارسی) و چندین c2 اموزش داده شده
https://www.youtube.com/watch?v=MOUNg--_MLk&list=PLwq8--jsXOEkhbmV0Dd_wupwSFHPYF3rO

لیست اکسپلویت های که APT گروه های چینی از سال 2021 تاکنون گمان میرود استفاده کردند
گزارش recorded future
https://www.recordedfuture.com/charting-chinas-climb-leading-global-cyber-power

Understanding the PE file format is key to reverse engineering windows executables. If you need help, Dr Josh Stroschein have a playlist with over 4 hours of content covering many of the most important aspects on youtube 👇

▶️ https://youtube.com/playlist?list=PLHJns8WZXCdstHnLaxcz-CO74fO4Q88_8&feature=shared

https://mega.nz/folder/QzkSTKrS#qAks5qwmfL-Si97gxsWHhg

about 300 HTB Machines writeups any difficulty / premium

best AI ever

Company executives when they're asked if they've been compromised

Interesting short reading on attacking EDRs by Riccardo Ancarani dottor_morte and Devid Lana

Part 1: riccardoancarani.github.io/2…
Part 2: riccardoancarani.github.io/2…

K-means Clustering for Lateral Movement Detection huntandhackett.com/blog/kmea…

Batsignal - a macOS LPE in Spotlight
gergelykalman.com/no-CVE-bat…
> github.com/gergelykalman/no-…

Windows privilege escalation through Use-After-Free (UAF) in win32kfull (CVE-2023-21822)
Interesting writeup by Marcin Wiązowski thezdi
zerodayinitiative.com/blog/2…

Dinosn: A red team tool that assists into extracting/dumping master credentials and/or entries from different password managers.
github.com/efchatz/pandora

How does Linux start a process

https://iq.thc.org/how-does-linux-start-a-process

Attacking an EDR - Part 1

This post is the first of what - we hope - will be a long series of articles detailing some common flaws that can be found on modern EDR products. By no means this will be a complete reference, but will hopefully provide some practical tools to analyze these gargantuesque products and attempt to understand their functionalities from a black box perspective.

Nice introduction to fileless ELF execution using memfd_create()
Credits MagisterQuis

magisterquis.github.io/2018/…