Forwarded from white2hack 📚
Hacking Windows, first edition, Kevin Thomas, 2022
On November 20, 1985, Microsoft introduced the Windows operating environment which was nothing more than a graphical operating shell for MS-DOS.
Today we begin our journey into the Win32API. This book will take you step-by-step writing very simple Win32API’s in both x86 and x64 platforms in C and then reversing them both very carefully using the world’s most popular Hey Rays IDA Free tool which is a stripped down version of the IDA Pro tool used in more professional Reverse Engineering environments. Let’s begin...
#book #windows
On November 20, 1985, Microsoft introduced the Windows operating environment which was nothing more than a graphical operating shell for MS-DOS.
Today we begin our journey into the Win32API. This book will take you step-by-step writing very simple Win32API’s in both x86 and x64 platforms in C and then reversing them both very carefully using the world’s most popular Hey Rays IDA Free tool which is a stripped down version of the IDA Pro tool used in more professional Reverse Engineering environments. Let’s begin...
#book #windows
👍1
Forwarded from white2hack 📚
learn hacking window.pdf
4.9 MB
Hacking Windows, first edition, Kevin Thomas, 2022
با دانلود این کلاینت میتونید از ویژگیهای اسپاتیفای پریمیوم روی هر پلتفرمی (ویندوز، مک، اندروید، لینوکس و ...) به شکل رایگان استفاده کنید
تنها نکتش اینه که این هم فیلتره و موقع استفاده فیلتر شکنتون رو روشن کنید 😅
تنها نکتش اینه که این هم فیلتره و موقع استفاده فیلتر شکنتون رو روشن کنید 😅
GitHub
GitHub - KRTirtho/spotube: 🎧 Open source music streaming app! Available for both desktop & mobile!
🎧 Open source music streaming app! Available for both desktop & mobile! - KRTirtho/spotube
🔥2
Forwarded from OnHex
🔴 مهمان امشب برنامه Off By One Security ، آقای Duncan Ogilvie ، خالق دیباگر معروف X64dbg هستش.
موضوع برنامه اشون Debugging Windows Internals with x64dbg هستش. اگه علاقمند بودید شرکت کنید.
این برنامه قراره حدود ساعت 30 : 21 به وقت ایران در یوتیوب برگزار بشه.
اگه نرسیدید ببینید یا منتظر زیرنویس بودید، بعدا هم از همون لینک قابل دسترس هستش.
🆔 @onhex_ir
➡️ ALL Link
موضوع برنامه اشون Debugging Windows Internals with x64dbg هستش. اگه علاقمند بودید شرکت کنید.
این برنامه قراره حدود ساعت 30 : 21 به وقت ایران در یوتیوب برگزار بشه.
اگه نرسیدید ببینید یا منتظر زیرنویس بودید، بعدا هم از همون لینک قابل دسترس هستش.
🆔 @onhex_ir
➡️ ALL Link
YouTube
Debugging Windows Internals with x64dbg!
Join me with my guest Duncan Ogilvie, developer of x64dbg, as he shows us around the tool and shares some Windows debugging techniques. x64dbg is the only actively maintained userland debugger outside of WinDbg, and aims to be much more intuitive and easy…
Forwarded from OSCP|OSWE|EWPTXV2|CRTP|EJPTV2 (KnockouT)
#Udemy | Red Teaming | Exploit Development with Assembly and C |MSAC+
Info: https://www.udemy.com/course/shellcode/
Info: https://www.udemy.com/course/shellcode/
Forwarded from OSCP|OSWE|EWPTXV2|CRTP|EJPTV2 (KnockouT)
Red-Teaming-Exploit-Development-with-Assembly-and-C-MSAC.7z
1.4 GB
یه مقاله نسبتا جالب در مورد یه برنامه نویس که تو دو سال تونسته به درآمد ماهانه ۴۵ هزار دلار برسه:
https://news.tonydinh.com/p/my-solopreneur-story-zero-to-45kmo
#story
#experience
#paper
https://news.tonydinh.com/p/my-solopreneur-story-zero-to-45kmo
#story
#experience
#paper
Tonydinh
My solopreneur story: zero to $45K/mo in 2 years
Today is exactly 2 years since I quit my job and become a full-time indie hacker.
Forwarded from CyberSecurity Shield (Pouyan Zamani)
Bash Scripting .pdf
4.4 MB
#پرزنت خوب برای bash noscripting
به نظرم جالب اومد
به نظرم جالب اومد
Stuff for Geeks
اگه به هر دلیلی از ویم یا neovim خوشتون نمیاد، به عنوان یه جایگزین helix رو داریم که با Rust نوشته شده. خودم کار نکردم باهش ولی گیت هابش 27هزارتا ستاره داره!(فک میکنم نهایتا دو سه ساله که اومده) توی کنفرانس neovim سال 2022 هم یه ارایه ای درموردش بود که میتونین…
این فیلم ها را ببینید تا نظرتان درمورد ویم و neovim مقداری تغییر کند!!
https://www.youtube.com/watch?v=tJHjCGHGQhw
https://www.youtube.com/watch?v=xHebvTGOdH8
https://www.youtube.com/watch?v=tJHjCGHGQhw
https://www.youtube.com/watch?v=xHebvTGOdH8
YouTube
Helix Text Editor: A Review
Can Vim and Neovim be dethroned by this new modal text editor written in Rust?
I review Helix's features: tree-sitter, LSP, color schemes, etc. I also tell you about the pain points and caveats.
Helix runs on Linux, Windows and MacOS.
Timestamps:
00:00…
I review Helix's features: tree-sitter, LSP, color schemes, etc. I also tell you about the pain points and caveats.
Helix runs on Linux, Windows and MacOS.
Timestamps:
00:00…
🔥1
Forwarded from .....
اطلاعات بیشتر بزودی در کانال منتشر خواهد شد .
Please open Telegram to view this post
VIEW IN TELEGRAM
🎉1
Forwarded from 𝐂𝐲𝐛𝐞𝐫 𝐊𝐞𝐧𝐝𝐫𝐚
Source Code Disclosure in ASP.NET apps
ASP.NET has a strange mode of operation called " Cookie-less Session " - when an identifier from the URL is used for authentication, instead of a cookie.
For example:
http://site.com/CybredApplication/(A(XXXX)S(XXXX)F(XXXX))/home.aspx
where A(XXXX) is session_id; S(XXXX) — Anonymous-ID; F(XXXX) — Forms Authentication ticket.
It generates a bunch of bugs, thanks to which you can carry out Session Fixation attacks, exploit XSS , or bypass WAF . But now this list has been supplemented by downloading application sources.
All you need is the runAllManagedModulesForAllRequests module enabled (usually it is enabled) and a well-formed link like the one shown in the screenshot.
And in conjunction with IIS-ShortName-Scanner and the ::$INDEX_ALLOCATION trick, you can list the contents of directories, exploiting another feature with short file names.
https://swarm.ptsecurity.com/source-code-disclosure-in-asp-net-apps/
ASP.NET has a strange mode of operation called " Cookie-less Session " - when an identifier from the URL is used for authentication, instead of a cookie.
For example:
http://site.com/CybredApplication/(A(XXXX)S(XXXX)F(XXXX))/home.aspx
where A(XXXX) is session_id; S(XXXX) — Anonymous-ID; F(XXXX) — Forms Authentication ticket.
It generates a bunch of bugs, thanks to which you can carry out Session Fixation attacks, exploit XSS , or bypass WAF . But now this list has been supplemented by downloading application sources.
All you need is the runAllManagedModulesForAllRequests module enabled (usually it is enabled) and a well-formed link like the one shown in the screenshot.
And in conjunction with IIS-ShortName-Scanner and the ::$INDEX_ALLOCATION trick, you can list the contents of directories, exploiting another feature with short file names.
https://swarm.ptsecurity.com/source-code-disclosure-in-asp-net-apps/
سال نو مبارک
امیدوارم سال 403 تون بدور از هرگونه خطای 403ای باشه❤️
ایشالا بتونین بهترین خودتون باشین
امیدوارم سال 403 تون بدور از هرگونه خطای 403ای باشه❤️
ایشالا بتونین بهترین خودتون باشین
❤1
Forwarded from RedBlueTM Hit (./TaK.FaNaR)
Win32 Shellcoding.zip
545.8 MB
#Udemy | Win32 Shellcoding
Info: https://www.udemy.com/course/win32-shellcoding/
Password: @redbluehit
@Hide01 📰
@RedBlueHit 💀👀
@RedBlueTM 🔒
Info: https://www.udemy.com/course/win32-shellcoding/
Password: @redbluehit
@Hide01 📰
@RedBlueHit 💀👀
@RedBlueTM 🔒
Forwarded from white2hack 📚
God Penetration Testing Reference Bank
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet. This is a collection of resources, noscripts and easy to follow how-to's. I have been gathering (and continuing to gather) in preparation for the OSCP as well as for general pentesting. Feel free to use however you want!
GitHub
#pentest
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet. This is a collection of resources, noscripts and easy to follow how-to's. I have been gathering (and continuing to gather) in preparation for the OSCP as well as for general pentesting. Feel free to use however you want!
GitHub
#pentest
Forwarded from IRCF | اینترنت آزاد برای همه
توسط اینابزار کاربردی میتونین لینک ساب از کانفیگهای رایگان Xray, ClashMeta, SingBox و SurfBoard دریافت کرده یا کانفیگ وارپ بسازید.
👉 https://app.yebekhe.link
© yebekhe
🔍 https://ircf.space
@ircfspace
👉 https://app.yebekhe.link
© yebekhe
🔍 https://ircf.space
@ircfspace