IDA Pro 8.3 installer
(Was found on VirusTotal)
(It's password protected)
Source : pwn3rzs
Wait for them to leak it😕🫶
https://news.1rj.ru/str/source_chat/1504
Kernel mode WinDbg extension and PoCs for token privilege investigation. github.com/daem0nc0re/PrivFu
Google Calendar RAT is a PoC of Command&Control over Google Calendar Event
github.com/MrSaighnal/GCR-Go…
#c2
Another approach to threadless injection, discovered by EthicalChaos, written in C: it loads a module into the target process and stomps it, then reverts the memory protections and the original memory state
github.com/TheD1rkMtr/D1rkIn…
A Beginner’s Guide to Adversary Emulation with Caldera
blog.nviso.eu/2023/08/25/a-b…
This YouTube playlist also covers red team emulation (in Persian) and walks through several C2 frameworks
https://www.youtube.com/watch?v=MOUNg--_MLk&list=PLwq8--jsXOEkhbmV0Dd_wupwSFHPYF3rO
Forwarded from SoheilSec (SH)
List of exploits that Chinese APT groups are believed to have used from 2021 to date
Recorded Future report
https://www.recordedfuture.com/charting-chinas-climb-leading-global-cyber-power
Understanding the PE file format is key to reverse engineering Windows executables. If you need help, Dr Josh Stroschein has a playlist with over 4 hours of content covering many of the most important aspects on YouTube 👇
▶️ https://youtube.com/playlist?list=PLHJns8WZXCdstHnLaxcz-CO74fO4Q88_8&feature=shared
https://mega.nz/folder/QzkSTKrS#qAks5qwmfL-Si97gxsWHhg
About 300 HTB machine writeups, any difficulty / premium
Forwarded from vx-underground
Company executives when they're asked if they've been compromised
Interesting short read on attacking EDRs by Riccardo Ancarani (dottor_morte) and Devid Lana
Part 1: riccardoancarani.github.io/2…
Part 2: riccardoancarani.github.io/2…
K-means Clustering for Lateral Movement Detection huntandhackett.com/blog/kmea…
Windows privilege escalation through Use-After-Free (UAF) in win32kfull (CVE-2023-21822)
Interesting writeup by Marcin Wiązowski thezdi
zerodayinitiative.com/blog/2…
Dinosn: A red team tool that assists in extracting/dumping master credentials and/or entries from different password managers.
github.com/efchatz/pandora
Attacking an EDR - Part 1
This post is the first of what - we hope - will be a long series of articles detailing some common flaws that can be found in modern EDR products. By no means will this be a complete reference, but it will hopefully provide some practical tools to analyze these gargantuan products and attempt to understand their functionalities from a black box perspective.
Nice introduction to fileless ELF execution using memfd_create()
Credits MagisterQuis
magisterquis.github.io/2018/…
Rust internals and how Rust code maps to assembly
Collection of blog posts by eventhelix
eventhelix.com/rust/