https://cocomelonc.github.io/persistence/2025/03/12/malware-pers-27.html next one in my blog. I’ve written a lot about various persistence methods but somehow I forgot to mention one simple technique.

Scheduled Tasks are a simple yet effective way to achieve persistence on a Windows system, the APT groups like #apt17 and #apt41 exploited this feature for attacking PCs.

#cybersecurity #hacking #research #malware #malwaredev #cybercrime #apt #programming #redteam #blueteam #purpleteam

Full series persistence - part 1:
registry run keys:
https://cocomelonc.github.io/tutorial/2022/04/20/malware-pers-1.html

screensaver hijacking:
https://cocomelonc.github.io/tutorial/2022/04/26/malware-pers-2.html

COM DLL hijack:
https://cocomelonc.github.io/tutorial/2022/05/02/malware-pers-3.html

windows services:
https://cocomelonc.github.io/tutorial/2022/05/09/malware-pers-4.html

AppInit DLLs:
https://cocomelonc.github.io/tutorial/2022/05/16/malware-pers-5.html

windows netsh helper DLL:
https://cocomelonc.github.io/tutorial/2022/05/29/malware-pers-6.html

winlogon:
https://cocomelonc.github.io/tutorial/2022/06/12/malware-pers-7.html

port monitors:
https://cocomelonc.github.io/tutorial/2022/06/19/malware-pers-8.html

default file extension hijacking:
https://cocomelonc.github.io/malware/2022/08/26/malware-pers-9.html

using image file execution options:
https://cocomelonc.github.io/malware/2022/09/10/malware-pers-10.html

#malware #malwaredev #research #cybercrime #persistence #apt #mitre

Full series persistence - part 2:

powershell profile:
https://cocomelonc.github.io/malware/2022/09/20/malware-pers-11.html

accessibility features:
https://cocomelonc.github.io/malware/2022/09/30/malware-pers-12.html

hijacking uninstall logic for application:
https://cocomelonc.github.io/malware/2022/10/04/malware-pers-13.html

event viewer help link:
https://cocomelonc.github.io/malware/2022/10/09/malware-pers-14.html

internet explorer:
https://cocomelonc.github.io/malware/2022/10/12/malware-pers-15.html

cryptography registry keys:
https://cocomelonc.github.io/malware/2022/10/21/malware-pers-16.html

windows error reporting:
https://cocomelonc.github.io/malware/2022/11/02/malware-pers-18.html

disk cleanup utility:
https://cocomelonc.github.io/persistence/2022/11/16/malware-pers-19.html

UserInitMprLogonScript:
https://cocomelonc.github.io/persistence/2022/12/09/malware-pers-20.html

#malware #malwaredev #persistence #apt #cybercrime #mitre

Full series persistence - part 3:

Recycle Bin, My Documents COM extension handler:
https://cocomelonc.github.io/persistence/2023/01/19/malware-pers-21.html

windows setup:
https://cocomelonc.github.io/persistence/2023/07/16/malware-pers-22.html

LNK files:
https://cocomelonc.github.io/persistence/2023/12/10/malware-pers-23.html

StartupApproved:
https://cocomelonc.github.io/persistence/2024/03/12/malware-pers-24.html

create symlink from legit to evil:
https://cocomelonc.github.io/persistence/2024/07/13/malware-pers-25.html

microsoft edge:
https://cocomelonc.github.io/persistence/2024/08/14/malware-pers-26.html

scheduled tasks:
https://cocomelonc.github.io/persistence/2025/03/12/malware-pers-27.html

#malware #malwaredev #research #persistence #apt #cybercrime #mitre

This is a very short post. I just want to please my readers, colleagues and friends. translation of MD MZ book to Russian language is finished.
For the Russian language I have some issues. First one is with different fonts: for Russian Cyrillic and for Arabic. The second problem is with displaying comments in code blocks in Russian, so I left them in this version as in the original - in English (I generally consider writing comments in code in languages ​​other than English to be very bad form).

You can send donations via https://paypal.me/cocomelonc/

- how are cats different from dogs?
- cats don't work for the cops and catch rats =^..^=
#cats #catstanbul #archive

Eid Mubarak 💝

https://www.amazon.com/dp/1801810176

Today I received the 2024 sales report for my book Malware Development for Ethical Hackers. Total sales including ebooks and Packt subscriptions: 1,160 copies. The book was in the top 3 Amazon wishlist last year, and also in the top 3 on Packt in the security and cryptography categories.

First of all, I am grateful to my family, especially my wife Laura. My readers, coworkers, and friends deserve a tremendous amount of gratitude as well.

It is my sincere desire that the information I impart will result in at least one reader becoming more knowledgeable, more proficient, and more self-assured.

#book #research #hacking #malware #apt #cybercrime

https://cocomelonc.github.io/malware/2025/04/02/malware-cryptography-40.html djuma mubarak! next one on my blog. enjoy!

In this post I want to show you how to implement custom RC5 encryption in Nim language and execute decrypted payload using a sneaky Windows API trick - EnumDesktopsA

twitter: https://x.com/cocomelonckz/status/1908020857164747143

#hacking #cybersecurity #programming #cybercrime #apt #malware #threatintel #book #research #cryptography

There are already 3 international conferences this year where I will not be able to speak, although I received approval for my talk, and all because of the stupid entry rules into the European Union and the Balkans 😂😂😂
https://x.com/cocomelonckz/status/1908410624343785746
#research #malware #book #conferences #hacking #cybercrime #apt

https://cocomelonc.github.io/malware/2025/04/10/malware-cryptography-41.html djuma mubarak! next one from my blog.

This post is the result of my own research on using TEA encryption on malware development, but the main difference is using Nim language instead C/C++

https://github.com/cocomelonc/meow/tree/master/2025-04-10-malware-cryptography-41

#cybersecurity #malware #hacking #redteam #blueteam #purpleteam #programming #research #cybercrime #apt #nim #clang #cpp

Alhamdulillah, if you are good at something then extend your #knowledge to everyone so that the world can shine
#cybersecurity #book #research #hacking #malware #programming #cybercrime #apt

https://github.com/cocomelonc/bsprishtina-2024-maldev-workshop/
Assalamu aleikum. Just updated the repository. Added new PoCs based on my trainings that I conduct in Bahrain ❤️ at this time.
https://x.com/cocomelonckz/status/1915237225626808725
#cybersecurity #hacking #programming #research #malware #redteam #blueteam #purpleteam #apt #cybercrime #books #knowledge #packt

https://cocomelonc.github.io/malware/2025/05/01/malware-tricks-46.html djuma mubarak! next one in my blog. Simple "classic" trick, very useful for my entry level readers and students. enjoy! =^..^=

twtter: https://x.com/cocomelonckz/status/1918210338681409945

#malware #cybersecurity #hacking #redteam #blueteam #purpleteam #cybercrime #malwaredev #malwareanalysis #apt #spyware #research #programming

Djuma mubarak! I know that among my followers on linkedin, twitter and telegram there are French speaking cybersecurity speciialists, I found an interesting playlist and channel: it looks at examples and code from my blog in French on youtube:

https://www.youtube.com/watch?v=TQUCY6k0o_s&list=PLboyMWpGKWpBt2iUH6hIz68oqkRtCQr2C&index=86

twitter: https://x.com/cocomelonckz/status/1920871454028992906

#cybersecurity #hacking #programming #malware #research #youtube #book #cybercrime #redteam #blueteam #purpleteam

https://cocomelonc.github.io/malware/2025/05/10/malware-tricks-47.html next one in my blog. several #apt groups and #cybercriminal organizations like #APT37, #APT38, #Sandworm and malware like #ZeusPanda, #ROKRAT or #CosmicDuke have used this trick.

twitter: https://x.com/cocomelonckz/status/1922149005800182188

#cybersecurity #hacking #malware #redteam #blueteam #purpleteam #programming #research #malwaredev

Alhamdulillah! Our cat gave birth to kittens! =^..^= 😍

I am working on new book, the book will be released in the next few days in sha Allah
#research #malware #book #hacking

I am on the finish line ❤️
new #book coming soon
#book #malware #hacking #research