Forwarded from Cyber0ΠΆff666 Ξ»
Malware development series
PART 1 - basics:
https://0xpat.github.io/Malware_development_part_1/
PART 2 - anti dynamic analysis & sandboxes:
https://0xpat.github.io/Malware_development_part_2/
PART 3 - anti-debugging:
https://0xpat.github.io/Malware_development_part_3/
PART 4 - antistatic analysis tricks:
https://0xpat.github.io/Malware_development_part_4/
PART 5 - tips & tricks:
https://0xpat.github.io/Malware_development_part_5/
PART 6 - advanced obfuscation with LLVM and template metaprogramming:
https://0xpat.github.io/Malware_development_part_6/
PART 7 - Secure Desktop:
https://0xpat.github.io/Malware_development_part_7/
PART 8 - COFF injection and in-memory execution:
https://0xpat.github.io/Malware_development_part_8/
PART 9 - hosting CLR and managed code injection:
https://0xpat.github.io/Malware_development_part_9/
0xpat.github.io
Malware development part 1 - basics
Introduction
This is the first post of a series which regards development of malicious software. In this series we will explore and try to implement multiple techniques used by malicious applications to execute code, hide from defenses and persist.
Let's…
Forwarded from Hacker News (yahnc_bot)
How the great firewall of China detects and blocks fully encrypted traffic [pdf] https://gfw.report/publications/usenixsecurity23/data/paper/paper.pdf
Intro to Cryptography [pdf] (2011) https://www.cs.umd.edu/~waa/414-F11/IntroToCrypto.pdf
The hardest part of building software is not coding, it's requirements https://stackoverflow.blog/2023/06/26/the-hardest-part-of-building-software-is-not-coding-its-requirements/
_Michael_Sipser_Introduction_to_the_Theory_of_Computation_2012,.pdf
5 MB
Introduction to Theory of Computation - Michael Sipser
Recommended book if you want a deep dive into computer science core theory.
ZeroVer: 0-Based Versioning https://0ver.org/
Software's most popular versioning scheme!
Forwarded from Hacker News (yahnc_bot)
The Undecidability of BB(748): Understanding Godel's Incompleteness Theorems [pdf] https://www.ingo-blechschmidt.eu/assets/bachelor-thesis-undecidability-bb748.pdf
Windows is the malware compatibility layer for everything https://twitter.com/matthew_d_green/status/1679135426806784004
X (formerly Twitter)
Matthew Green (@matthew_d_green) on X
Computer security would be about 80% solved if we just deprecated every technology shown in this graphic.
Computation and State Machines (2008) [pdf] https://lamport.azurewebsites.net/pubs/state-machine.pdf
PLAI Version 3.2.2 electronic.pdf
3.9 MB
Programming Languages: Application and Interpretation v3.2.2
Forwarded from /archive/ (monero chan)
Complete Guide to Shodan.pdf
4.3 MB
Because Shodan was only $5.00
Forwarded from Hacker News (yahnc_bot)
Why project-based learning fails (2018) https://www.pathsensitive.com/2018/02/the-practice-is-not-performance-why.html
Pathsensitive
The Practice is not the Performance: Why project-based learning fails
Last night, I encountered an old post by Zach Holman where he pushes the idea that traditional school-based CS is useless; project-based ...
Forwarded from Hacker News (yahnc_bot)
Never run ldd on unknown executables (2009) https://catonmat.net/ldd-arbitrary-code-execution
catonmat.net
ldd arbitrary code execution
The `ldd` utility is more vulnerable than you think. It's frequently used by programmers and system administrators to determine the dynamic library dependencies of executables. Sounds pretty innocent, right? Wrong! In this article I am going to show you how…