Source Byte – Telegram
Source Byte
@sourcebyte
7.76K subscribers
846 photos
73 videos
678 files
1.68K links
هشیار کسی باید کز عشق بپرهیزد
وین طبع که من دارم با عقل نیامیزد
Saadi Shirazi 187
Download Telegram
About
Blog
Apps
Platform
Join
Source Byte
7.76K subscribers
Source Byte
boopkit: Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin..
github.com/krisnova/boopkit
325 viewsAnastasia 🐞, edited  
Source Byte
Excellent series for learning the basic of ELF file format internals
Credits IntezerLabs

Part 1:
intezer.com/blog/research/ex

Part 2:
intezer.com/blog/malware-ana

Part 3:
intezer.com/blog/malware-ana

Part 4:
intezer.com/blog/malware-ana
344 viewsAnastasia 🐞, edited  
Source Byte
Beginner introduction to Linux processes and how they are started by the execve() syscall
iq.thc.org/how-does-linux-st
341 viewsAnastasia 🐞
Source Byte
Interesting writeup by raelizecom on how to use power and electromagnetic analysis to break hardware cryptography using

Power analysis:
raelize.com/blog/espressif-s

Electromagnetic analysis:
raelize.com/blog/espressif-s
382 viewsAnastasia 🐞, edited  
Source Byte
Source Byte
Interesting writeup by raelizecom on how to use power and electromagnetic analysis to break hardware cryptography using Power analysis: raelize.com/blog/espressif-s… Electromagnetic analysis: raelize.com/blog/espressif-s…
This media is not supported in your browser
VIEW IN TELEGRAM
418 viewsAnastasia 🐞
Source Byte
Mobile Malware Analysis Part 3 – Pegasus
8ksec.io/mobile-malware-anal
426 viewsAnastasia 🐞
Source Byte
​​ProcessStomping

A variation of ProcessOverwriting to execute shellcode on an executable's section.

https://github.com/naksyn/ProcessStomping

#cybersecurity #infosec #pentesting #redteam
GitHub
GitHub - naksyn/ProcessStomping: A variation of ProcessOverwriting to execute shellcode on an executable's section
A variation of ProcessOverwriting to execute shellcode on an executable's section - naksyn/ProcessStomping
399 views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌$ᴘ3ᴅʏʟ1
Source Byte
#tools
#Threat_Research
Awesome GPTs (Agents) for Cybersecurity
https://github.com/fr0gger/Awesome-GPT-Agents
GitHub
GitHub - fr0gger/Awesome-GPT-Agents: A curated list of GPT agents for cybersecurity
A curated list of GPT agents for cybersecurity. Contribute to fr0gger/Awesome-GPT-Agents development by creating an account on GitHub.
373 views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌$ᴘ3ᴅʏʟ1
Source Byte
https://pan-unit42.github.io/playbook_viewer/
346 views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌$ᴘ3ᴅʏʟ1
Source Byte
Forwarded from vx-underground
Here is a very poorly written way to do 'whoami' using CreateNamedPipe and Advapi32!NpGetUserName.

This undocumented function will do the generic LookupAccountSidW via GetUserNameExW, but it can act as a proxy function, or something.

https://pastebin.com/raw/ZsReS7k4
293 views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌$ᴘ3ᴅʏʟ1
Source Byte
Forwarded from vx-underground
Tired of seeing nerds arguing about C2's? Next time use some C4. EDR's struggle against C4
262 viewsAnastasia 🐞
Source Byte
https://youtu.be/cxu3QwUK_lk?si=xNGUUPZx8I_s0l9D
YouTube
How config Ja4 for ZeeK and how use that (JA4+ Network Fingerprinting)
JA4+ is a suite of network fingerprinting methods that are easy to use and easy to share. These methods are both human and machine readable to facilitate more effective threat-hunting and analysis. The use-cases for these fingerprints include scanning for…
334 views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌$ᴘ3ᴅʏʟ1
Source Byte
Source Byte
https://youtu.be/cxu3QwUK_lk?si=xNGUUPZx8I_s0l9D
I made this video for who that wants to analyze pcap files which are so huge and zeek is enough for that

Ja4 link:
https://github.com/FoxIO-LLC/ja4
GitHub
GitHub - FoxIO-LLC/ja4: JA4+ is a suite of network fingerprinting standards
JA4+ is a suite of network fingerprinting standards - FoxIO-LLC/ja4
390 views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌$ᴘ3ᴅʏʟ1, edited  
Source Byte
Inside the Mind of a Cyber Attacker: from Malware creation to Data Exfiltration (Part 2) – Hacktive Security Blog
blog.hacktivesecurity.com/in
342 viewsAnastasia 🐞, edited  
Source Byte
Searching for Malicious HTTP Servers by Identifying Typos in HTTP Responses
blog.fox-it.com/2023/11/15/t
330 viewsAnastasia 🐞, edited  
Source Byte
Technique for spoofing PE files sections and embed executable code by @x86matthew

secret.club/2023/06/05/spoof
👍2
372 viewsAnastasia 🐞, edited  
Source Byte
1. Uncovering a crazy privilege escalation from Chrome extensions
0x44.xyz/blog/cve-2023-4369



2. NVD exploit & JVN
github.com/nomi-sec/NVD-Expl
👍2
391 viewsAnastasia 🐞, edited  
Source Byte
ELF 101 - Part 1 Sections and Segments - Intezer
intezer.com/blog/research/ex



CVE-2023-4357:
Google Chrome LFI
github.com/xcanwin/CVE-2023-
👍1
370 viewsAnastasia 🐞, edited  
Source Byte
Malware Makeover: Breaking ML-based Static Analysis by Modifying Executable Bytes, 2021.

]-> github.com/pwwl/enhanced-bin
👍1
360 viewsAnastasia 🐞
Source Byte
Knock! Knock! The postman is here! (abusing Mailslots and PortKnocking for connectionless shells)

https://adepts.of0x.cc/connectionless-shells/
Knock! Knock! The postman is here! (abusing Mailslots and PortKnocking for connectionless shells) |
Knock! Knock! The postman is here! (abusing Mailslots and PortKnocking for connectionless shells) | AdeptsOf0xCC
Creating a connectionless shell using Windows Filtering Platform and Mailslot
❤‍🔥2
369 views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌$ᴘ3ᴅʏʟ1
Source Byte
https://github.com/nathan31337/Splunk-RCE-poc
GitHub
GitHub - nathan31337/Splunk-RCE-poc
Contribute to nathan31337/Splunk-RCE-poc development by creating an account on GitHub.
375 viewst a h a