awesome-windows-exploitation by farzin karemi

old but GOLD :)

https://web.archive.org/web/20170123124214/https://github.com/enddo/awesome-windows-exploitation

#windows , #exploit , #old_but_gold😁

Ghidra Basics - Manual Shellcode Analysis and C2 Extraction
embee-research.ghost.io/ghid…

#ghidra , #c2 , #shellcode

Nice collection of resources for getting started with Satellite hacking and CTFs 😂

Satellite Hacking Demystified: redteamrecipe.com/Satellite-…
Hack-a-sat writeups: github.com/solar-wine/writeu…
Hack-a-sat players corner: hackasat.com/players-corner/

#satellite

SHA1 and its weaknesses
Excellent writeup by Declain Thomas (@evervault)

evervault.com/blog/sha-1-get…

#sha1

wayback tweets

https://waybacktweets.streamlit.app/

Linux Red Team

cat /home/redteam/

1- Exploitation Techniques
2 - Privilege Escalation Techniques
3 - Persistence Techniques
4 - Defense Evasion - Hiding Linux Processes
5 - Defense Evasion - Rootkits

#linux #learn #hack

CSharp Payload Phoning to a CobaltStrike Server

https://isc.sans.edu/forums/diary/30490

#Cobalt_Strike ,

Finding Metasploit & Cobalt Strike URLs

Metasploit and Cobalt Strike generate shellcode for http(s) shells. The URLs found in this shellcode have a path that consist of 4 random alphanumeric characters. But they are not completely random: their 8-bit checksum is a member of a small set of constants.

https://isc.sans.edu/diary/Finding+Metasploit+Cobalt+Strike+URLs/27204

#Cobalt_Strike , #Metasploit ,

Cover various security approaches to attack techniques and also provides new discoveries about security breaches.

https://github.com/LearningKijo/SecurityResearcher-Note

#Malware_analysis

#Malware_analysis

GULOADER: deobfuscating the downloader
https://www.elastic.co/security-labs/getting-gooey-with-guloader-downloader


Rhadamanthys v0.5.0 - a deep dive into the stealer’s components
https://research.checkpoint.com/2023/rhadamanthys-v0-5-0-a-deep-dive-into-the-stealers-components

2023 march version "Reverse Engineering for Beginners" is the subnoscript

#reverse

How to Make Your Own Keylogger in C++ Programming Language

Offensive Tool Development - The Shellcode Compiler Was Right There All Along

Part 1 :
https://sh3llsp4wn.github.io/Shellcode-With-The-Default-Linux-Toolchain/

Part 2 :
https://sh3llsp4wn.github.io/Shellcode-With-The-Default-Linux-Toolchain-2/

Reverse Engineering for Beginners

Dennis Yurichev

Understanding Assembly Language

Dennis Yurichev

thanks X-L-R-8 for sharing this two books

Rebase the program when we load it to ida

https://malware.news/t/igor-s-tip-of-the-week-168-rebasing/76756

#reverse

How do we write a shellcode to elevate privileges and gracefully return to userland?

mdanilor.github.io/posts/hev…


#shellcode , #privilege_scalation