https://cocomelonc.github.io/macos/2025/07/08/malware-mac-5.html next one from my blog. I decided it would be better to make a separate article for ARM/M1 assembly
twitter: https://x.com/cocomelonckz/status/1942805722070163614
#cybersecurity #hacking #malware #maldev #blackhat #ethicalhacking #purpleteam #research #book #infosec #programming #assembly #cpp #cybercrime #apt
cocomelonc
MacOS hacking part 5: shellcode running. Simple NASM and C (Intel) examples
﷽
🔥5❤3👍1
I wonder how difficult it is to program this with the most realistic physics?
a long time ago I taught children to program PC games and even wrote several 2D adventure games myself
Nostalgia #retrogames
❤20
https://cocomelonc.github.io/android/2025/07/13/malware-android-1.html next one from my blog. I want to see how the Android malware analysis (beta) feature in ANY.RUN works
ANY.RUN says: “Process communicates with Telegram (possibly using it as an attacker’s C2 server)” (T1102)
Many thanks to ANY.RUN for API ♥️!
twitter: https://x.com/cocomelonckz/status/1944607736475373757
#hacking #research #malware #maldev #purpleteam #android #stealer #telegram #book #programming #cybersecurity
cocomelonc
Mobile malware development trick 1. Abuse Telegram Bot API. Simple Android (Java/Kotlin) stealer example.
﷽
❤4🔥2👏1
Hack.lu 2025: 1 talk + 1 workshop, thank you for the invitation again! ♥️
https://x.com/cocomelonckz/status/1945495533885288463
#conferences #trainings #research #malware #hacking #programming #book #purpleteam #maldev #cybercrime #apt
❤6👍1👏1
https://cocomelonc.github.io/malware/2025/07/16/malware-cryptography-43.html next one from my blog. Mars is one of those “legendary but niche” block ciphers you only see in CTFs, #crypto #research, or when someone wants to confuse the hell out of an analyst
Thanks to ANY.RUN for API ♥️!
twitter: https://x.com/cocomelonckz/status/1945737232788144305
#hacking #malware #maldev #cryptography #research #programming #purpleteam #book
cocomelonc
Malware and cryptography 43 - encrypt/decrypt payload via Mars cipher. Simple C example.
﷽
❤7👏1
https://cocomelonc.github.io/macos/2025/07/18/malware-mac-6.html next one from my blog. Everything works perfectly as expected =^..^=
But we have some caveats. Once we get to writing shellcode, we want to avoid any null-bytes. For this reason I will show you source code for these examples that does not contain any null-bytes in the next few blog posts.
twitter: https://x.com/cocomelonckz/status/1947148527546626306
#cybersecurity #hacking #malware #programming #apple #assembly #research #arm #m1 #maldev #shellcode #payload #redteam #blueteam #purpleteam
cocomelonc
MacOS hacking part 6: Assembly intro on ARM(M1). Simple NASM (M1) examples
﷽
❤8👍1🔥1
https://cocomelonc.github.io/android/2025/07/30/malware-android-2.html next one from my blog. Thanks to ANY.RUN for API! ♥️
This is a practical case for educational purposes only.
twitter: https://x.com/cocomelonckz/status/1950391133705544102
#cybersecurity #hacking #malware #android #maldev #research #telegram #apt #purpleteam #redteam #blueteam #book #cybercrime #rat #trojan
cocomelonc
Mobile malware development trick 2. Abuse Telegram Bot API: Contacts. Simple Android (Java/Kotlin) stealer example.
﷽
❤8🔥3👍2
https://cocomelonc.github.io/macos/2025/08/02/malware-mac-7.html next one from my blog. This code shows that ultra-minimal #linux #shellcode still works on #macOS Sonoma, which is both surprising and #educational.
Want the same for ARM64 M1/M2 shellcode? It will be in the next posts of this macOS hacking series.
twitter: https://x.com/cocomelonckz/status/1952222369050771695
#hacking #blackhat #purpleteam #research #macos #apple #malware #apt #cybercrime #book #redteam #blueteam #cybersecurity #programming
cocomelonc
MacOS hacking part 7: Minimal Linux-style shellcode on macOS (Intel). Simple NASM (Intel) and C examples
﷽
❤8🔥3👍1
Still grinding on the new book - this time with a different publisher, since the last one basically ghosted me. Asked them for almost two months to just create a GitHub repo, but apparently that was too much to handle. So yeah, switched gears. ❤️
🔥9❤8👍2
https://cocomelonc.github.io/macos/2025/08/10/malware-mac-8.html next one from my blog. no exploits here - just clean mechanics you can reuse in #redteam and #blueteam practice/ #exercises.
twitter: https://x.com/cocomelonckz/status/1954762366396105161
#cybersecurity #hacking #malware #macos #apple #programming #research #purpleteam #maldev #malwareanalysis #arm #intel
cocomelonc
MacOS hacking part 8: dlopen() code loading + finding target PIDs. Simple C (Intel, ARM) examples
﷽
❤13
https://cocomelonc.github.io/malware/2025/08/11/malware-tricks-49.html next one from my blog. Interaction with the Azure cloud is recognized as legitimate behavior and this is the main problem! Pwn! =^..^=
twitter: https://x.com/cocomelonckz/status/1955512821422403742
any.run task: https://app.any.run/tasks/5ad3bf05-f2c3-48d0-8552-7a988b536ad8
Thanks to any.run for API! ♥️
#hacking #malware #stealer #azure #microsoft #cybersecurity #purpleteam #research #apt #cybercrime #blackhat #maldev #apt
cocomelonc
Malware development trick 49: abusing Azure DevOps REST API for covert data channels. Simple C examples.
﷽
❤5👍4🔥2👎1
https://cocomelonc.github.io/malware/2025/08/15/malware-tricks-50.html next one from my blog. tLab #technologies company recently discovered one of the first in #Kazakhstan, an interesting #phishing campaign aimed at one of the clients.
twitter: https://x.com/cocomelonckz/status/1957321542322286805
Thanks tLab for the API! ♥️
#hacking #research #malware #programming #purpleteam #maldev #cybercrime #apt #microsoft
cocomelonc
Malware development trick 50: phishing attack using a fake login page with Telegram exfiltration. Simple Javascript example.
﷽
1❤11👍1
https://cocomelonc.github.io/macos/2025/08/19/malware-mac-9.html next post in my blog. I'll explore #arm #m1 in upcoming posts.
twitter: https://x.com/cocomelonckz/status/1958033531797406090
#cybersecurity #malware #apple #macosx #osx #shellcode #hacking #programming #research #injection #book #cybercrime #macbook #redteam #purpleteam #blueteam
cocomelonc
MacOS hacking part 9: shellcode injection via task_for_pid - thread hijacking. Simple C (Intel) example
﷽
❤9👍3🔥2
I miss this country, my second home - Bahrain 🇧🇭🇧🇭🇧🇭
❤11😘3🔥2
https://cocomelonc.github.io/macos/2025/08/24/malware-mac-10.html next one from my blog. instead of hijacking an existing thread, we’ll create an entirely new thread in the target process.
twitter: https://x.com/cocomelonckz/status/1959855281929691412
#malware #cybersecurity #hacking #purpleteam #maldev #cybercrime #asm #apple #macosx #threatintel #research #programming #book
❤8👍1🔥1
https://github.com/cocomelonc/mdmz_book/
Alhamdulillah, I am starting to translate my #book into Kazakh to develop the Kazakh-speaking #cybersec #community in Kazakhstan. I also want to support everyone who wants to make content in Kazakh about #technology
#hacking #programming #purpleteam #malware
GitHub
GitHub - cocomelonc/mdmz_book: The result of research and investigation of malware development tricks, techniques, evasion, cryptography…
The result of research and investigation of malware development tricks, techniques, evasion, cryptography and linux malware - cocomelonc/mdmz_book
🔥13❤7👍1