Серия книг "Секреты хакеров" , авторы Хатч Брайан, Ли Джеймс, Курц Джордж, язык русский. Являются переводом серии книг Hacking exposed авторитетных экспертов в области безопасности из США
Дань уважения old school эпохе, первым книгам вышедшим после 90-х годов с реальным описанием, что такое нападение и защита в информационных системах. Это символ эпохи когда "хак" стал переходить из области голливудского кинематографа в работу реальных спецов.
Многое из того что написано конечно уже устарело, но за то может показать как индустрия двигалась, какие были проблемы безопасности, как они решались, что предлагали "хакеры" на тот период времени. Вообщем must have для всех ценителей андера, эпохи и истории хака как искусства
В паке следующие книги:
+ Секреты хакеров. Безопасность Linux
+ Секреты хакеров. Безопасность Web-приложений
+ Секреты хакеров. Проблемы и решения сетевой защиты
+ Секреты хакеров. Безопасность Windows 2000
+ Секреты хакеров. Безопасность Windows Server 2003
#book #linux #windows #pentest
Дань уважения old school эпохе, первым книгам вышедшим после 90-х годов с реальным описанием, что такое нападение и защита в информационных системах. Это символ эпохи когда "хак" стал переходить из области голливудского кинематографа в работу реальных спецов.
Многое из того что написано конечно уже устарело, но за то может показать как индустрия двигалась, какие были проблемы безопасности, как они решались, что предлагали "хакеры" на тот период времени. Вообщем must have для всех ценителей андера, эпохи и истории хака как искусства
В паке следующие книги:
+ Секреты хакеров. Безопасность Linux
+ Секреты хакеров. Безопасность Web-приложений
+ Секреты хакеров. Проблемы и решения сетевой защиты
+ Секреты хакеров. Безопасность Windows 2000
+ Секреты хакеров. Безопасность Windows Server 2003
#book #linux #windows #pentest
Англоязычная серия книг Hacking exposed от авторов Stuart McClure, Joel Scambray and George Kurtz
В паке представлены книги:
+ Hacking exposed malware & rootkits
+ Hacking Exposed Web applications
+ Hacking Exposed Computer Forensic
+ Hacking Exposed Windows, 3rd Edition
+ Hacking Exposed Linux
#book #linux #windows #pentest
В паке представлены книги:
+ Hacking exposed malware & rootkits
+ Hacking Exposed Web applications
+ Hacking Exposed Computer Forensic
+ Hacking Exposed Windows, 3rd Edition
+ Hacking Exposed Linux
#book #linux #windows #pentest
Forwarded from OnHex
🔴 نشریه ی tmpout که قبلا در کانال معرفیش کرده بودیم ، یه نشریه تخصصی در حوزه امنیت برای سیستمهای لینوکسی هستش.
شماره ی سوم این نشریه بعد از 20 ماه منتشر شده. اگه علاقمند به این حوزه هستید ، برای دسترسی به نشریه میتونید از لینکهای زیر استفاده کنید.
- شماره 1
- شماره 2
- شماره 3
➡️ @onhex_ir
➡️ onhexgroup.ir
شماره ی سوم این نشریه بعد از 20 ماه منتشر شده. اگه علاقمند به این حوزه هستید ، برای دسترسی به نشریه میتونید از لینکهای زیر استفاده کنید.
- شماره 1
- شماره 2
- شماره 3
➡️ @onhex_ir
➡️ onhexgroup.ir
👍2
Excellent series for learning the basic of ELF file format internals
Part 1:
intezer.com/blog/research/ex…
Part 2:
intezer.com/blog/malware-ana…
Part 3:
intezer.com/blog/malware-ana…
Part 4:
intezer.com/blog/malware-ana…
Part 1:
intezer.com/blog/research/ex…
Part 2:
intezer.com/blog/malware-ana…
Part 3:
intezer.com/blog/malware-ana…
Part 4:
intezer.com/blog/malware-ana…
❤🔥1👍1
I would highly recommend learning following things:
Win32 API
Networking (Communicate over HTTP/s, DNS, ICMP)
Encryption (basic use of Aes, Xor, Rc4, etc.)
Injection Techniques
Learn how to use Debuggers.
Read the source code of already existing open source C2s like Metasploits Meterpreter, Empire Framework, SharpC2, Shadow.
These projects contain so much info and code on how to:
make malware modular using reflective loaders/code injection, communicate with the C2, and more.
Here are all of my personal malware development resources i have collected:
https://github.com/rootkit-io/awesome-malware-development
https://github.com/rootkit-io/malware-and-exploitdev-resources
https://www.youtube.com/watch?v=LuUhox_C5yg&list=PL1jK3K11NINhvnr7Y3iGu8eLKec72Sl7D
https://pre.empt.dev/
https://0xpat.github.io/
https://www.guitmz.com/
https://www.hackinbo.it/slides/1574880712_How%20to%20write%20malware%20and%20learn%20how%20to%20fight%20it%21.pdf
https://cocomelonc.github.io/
https://0x00sec.org/c/malware/56
https://institute.sektor7.net/red-team-operator-malware-development-essentials (you can find this course leaked online)
https://institute.sektor7.net/rto-maldev-intermediate (you can find this course leaked online)
https://institute.sektor7.net/rto-maldev-adv1 (you can find this course leaked online)
https://captmeelo.com/
https://www.vx-underground.org/
https://google.com/
https://c3rb3ru5d3d53c.github.io/posts/
https://unprotect.it/
https://www.youtube.com/watch?v=xCEKzqLTvqg&list=PL-aDiCywOtNXxR8EGzp773K3sgKQlAlG0
https://github.com/chvancooten/maldev-for-dummies/blob/main/Slides/Malware%20Development%20for%20Dummies%20-%20Hack%20in%20Paris%2030-06-2022%20%26%2001-07-2022.pdf
Win32 API
Networking (Communicate over HTTP/s, DNS, ICMP)
Encryption (basic use of Aes, Xor, Rc4, etc.)
Injection Techniques
Learn how to use Debuggers.
Read the source code of already existing open source C2s like Metasploits Meterpreter, Empire Framework, SharpC2, Shadow.
These projects contain so much info and code on how to:
make malware modular using reflective loaders/code injection, communicate with the C2, and more.
Here are all of my personal malware development resources i have collected:
https://github.com/rootkit-io/awesome-malware-development
https://github.com/rootkit-io/malware-and-exploitdev-resources
https://www.youtube.com/watch?v=LuUhox_C5yg&list=PL1jK3K11NINhvnr7Y3iGu8eLKec72Sl7D
https://pre.empt.dev/
https://0xpat.github.io/
https://www.guitmz.com/
https://www.hackinbo.it/slides/1574880712_How%20to%20write%20malware%20and%20learn%20how%20to%20fight%20it%21.pdf
https://cocomelonc.github.io/
https://0x00sec.org/c/malware/56
https://institute.sektor7.net/red-team-operator-malware-development-essentials (you can find this course leaked online)
https://institute.sektor7.net/rto-maldev-intermediate (you can find this course leaked online)
https://institute.sektor7.net/rto-maldev-adv1 (you can find this course leaked online)
https://captmeelo.com/
https://www.vx-underground.org/
https://google.com/
https://c3rb3ru5d3d53c.github.io/posts/
https://unprotect.it/
https://www.youtube.com/watch?v=xCEKzqLTvqg&list=PL-aDiCywOtNXxR8EGzp773K3sgKQlAlG0
https://github.com/chvancooten/maldev-for-dummies/blob/main/Slides/Malware%20Development%20for%20Dummies%20-%20Hack%20in%20Paris%2030-06-2022%20%26%2001-07-2022.pdf
GitHub
GitHub - rootkit-io/awesome-malware-development: Organized list of my malware development resources
Organized list of my malware development resources - rootkit-io/awesome-malware-development
❤🔥1👍1
Forwarded from Cyber Detective
How to verify leak data?
Leak data verification 9-steps checklist for investigators.
https://techjournalism.medium.com/how-to-verify-leak-data-3b0c8d8b764a
Author twitter.com/Techjournalisto
Leak data verification 9-steps checklist for investigators.
https://techjournalism.medium.com/how-to-verify-leak-data-3b0c8d8b764a
Author twitter.com/Techjournalisto
AD Penetration Testing Lab
Active Directory Lab for Penetration Testing
GitHub
How to setup
#pentest #windows
Active Directory Lab for Penetration Testing
GitHub
How to setup
#pentest #windows
👍3
𝗠𝗔𝗟𝗪𝗔𝗥𝗘 𝗥𝗘𝗦𝗢𝗨𝗥𝗖𝗘𝗦 👾
•Malpedia 🔗:-
https://malpedia.caad.fkie.fraunhofer.de/
•Interactive Online Malware Analysis Sandbox 🔗:-
https://app.any.run/
•Free Automated Malware Analysis Service 🔗:-
https://hybrid-analysis.com/
•VirusTotal 🔗:-
https://www.virustotal.com/gui/
•Maltiverse 🔗:-
https://maltiverse.com/search
•Malware News Search 🔗:-
https://cse.google.com/cse?cx=003248445720253387346:turlh5vi4xc
•AlienVault Open Threat Exchange 🔗:-
https://otx.alienvault.com/
•Jotti's malware scan 🔗:-
https://virusscan.jotti.org/
•IObit Cloud 🔗:-
https://cloud.iobit.com/index.php
•theZoo 🔗:-
https://github.com/ytisf/theZoo
•Vx-underground(.)org :-
https://vx-underground.org/
•VX Heaven :-
https://vx-underground.org/archive/VxHeaven/index.html
• APT notes/data 🔗:-
https://github.com/aptnotes/data
•Exploit-database-papers 🔗:-
https://github.com/offensive-security/exploitdb-papers
•Exploitdb-bin-sploits 🔗:-
https://github.com/offensive-security/exploitdb-bin-sploits
•Malpedia 🔗:-
https://malpedia.caad.fkie.fraunhofer.de/
•Interactive Online Malware Analysis Sandbox 🔗:-
https://app.any.run/
•Free Automated Malware Analysis Service 🔗:-
https://hybrid-analysis.com/
•VirusTotal 🔗:-
https://www.virustotal.com/gui/
•Maltiverse 🔗:-
https://maltiverse.com/search
•Malware News Search 🔗:-
https://cse.google.com/cse?cx=003248445720253387346:turlh5vi4xc
•AlienVault Open Threat Exchange 🔗:-
https://otx.alienvault.com/
•Jotti's malware scan 🔗:-
https://virusscan.jotti.org/
•IObit Cloud 🔗:-
https://cloud.iobit.com/index.php
•theZoo 🔗:-
https://github.com/ytisf/theZoo
•Vx-underground(.)org :-
https://vx-underground.org/
•VX Heaven :-
https://vx-underground.org/archive/VxHeaven/index.html
• APT notes/data 🔗:-
https://github.com/aptnotes/data
•Exploit-database-papers 🔗:-
https://github.com/offensive-security/exploitdb-papers
•Exploitdb-bin-sploits 🔗:-
https://github.com/offensive-security/exploitdb-bin-sploits
malpedia.caad.fkie.fraunhofer.de
Malpedia (Fraunhofer FKIE)
Malpedia is a free service offered by Fraunhofer FKIE. Administration is lead by Daniel Plohmann and Steffen Enders.
❤🔥2
Source Byte
IDA Pro 8.3 installer (Was find on virus total) (it's password protected) Source : pwn3rzs Wait for them to leak it😕🫶 https://news.1rj.ru/str/source_chat/1504
i don't know if is it still working or not :
read this blog
Is it possible to install IDA Pro without owning installation password? Sure, why not?
read this blog
Is it possible to install IDA Pro without owning installation password? Sure, why not?
ETW internals for security research and forensics
https://ift.tt/Fgevuc4
https://ift.tt/Fgevuc4
The Trail of Bits Blog
ETW internals for security research and forensics
Why has Event Tracing for Windows (ETW) become so pivotal for endpoint detection and response (EDR) solutions in Windows 10 and 11? The answer lies in the value of the intelligence it provides to security tools through secure ETW channels, which are now also…
❤🔥2