Source Byte
Jonathan Reiter is the author of SANS SEC670 (Red Teaming Tools - Developing Windows Implants, Shellcode, Command and Control), so don't miss this one! https://www.sans.org/webcasts/intro-c-windows-devs/ @islemolecule_SOURCE
Part 5 is coming, don't miss it!!!
Part 5 - Intro to C for #Windows
Linked list enumeration, #API, and #windows_internals
I don't know if you all are keeping track, this is now 10(!) FREE hours of hands-on training in C from SANS SEC670 author @jon__reiter
Register here : https://sans.org/u/1u3Z
I will share the recorded video in the group as well.
Malware Unpacking With Memory Dumps - Intermediate Methods
https://embee-research.ghost.io/unpacking-malware-using-process-hacker-and-memory-inspection/
#malware_analysis
A cross-platform Command and Control (C2) framework written in Golang and Python.
https://github.com/gatariee/Winton
#malware_dev , #c2 , #go
In 2021, I worked with
@juanandres_gs on a Predatory Sparrow attack against the fuel system. I did not openly share the draft back then, as it exposed live vulnerable systems. Having their second go with it yesterday, it's time to share it openly now.
https://sites.google.com/darkcell.se/www/sparrows
Offensive Windows IPC Internals 3: ALPC
https://csandker.io/2022/05/24/Offensive-Windows-IPC-3-ALPC.html
#windows_internals , #ALPC
Debugging and Reversing ALPC
https://csandker.io/2022/05/29/Debugging-And-Reversing-ALPC.html
#windows_internals , #reversing , #debugging , #ALPC
Most PE executables only have a DOS stub, but Robert Xiao combined DOOM DOS and Windows executables into a single universal file.
Advanced merge of genuine DOS headers, relocations, DOS/4GW headers and PE file.
https://github.com/nneonneo/universal-doom
#PE
Interesting Google dork by coinicap which shows "national IDs".
I will not share the exact dork because of users' privacy :)
site:https://test.com/ کارت ملی
As I see, it works with many websites :)
Malware Development for Dummies
In the age of EDR, red team operators cannot get away with using pre-compiled payloads anymore. As such, malware development is becoming a vital skill for any operator. This workshop will show you all you need to get started!
Slides:
https://github.com/chvancooten/maldev-for-dummies/tree/main/Slides
Exercises:
https://github.com/chvancooten/maldev-for-dummies/tree/main/Exercises
#malware_dev #csharp #nim #golang #rust
Novel Detection of Process Injection Using Network Anomalies
https://akamai.com/blog/security-research/novel-detection-methodology-process-injection-using-network-anomalies
#process_injection , #detection
Should I share open-source tools that I find interesting? (to get ideas from them)
Anonymous Poll: yes 89%, no 11%
List of articles on malware development.
https://ru-sfera.pw/threads/vvedenie-v-razrabotku-vredonosnyx-programm-oglavlenie.4435/
#malware_dev
We write our own malware. Part 1: Learning to write a completely “undetectable” keylogger
https://habr.com/en/companies/varonis/articles/302458/
#malware_dev
Malware 101: Develop and Analyze our own malware
https://fareedfauzi.github.io/2021/09/20/Malware-dev-analysis.html
#malware_dev #malware_analysis