To dump executable code bytes from PE file, I wrote a small helper tool.
I intend to use this tool for shellcode development, etc.
https://github.com/daem0nc0re/TangledWinExec/tree/main/Misc#peripper
Posted by daem0nc0re (@malwr)
TrueBot Analysis Part I - A short glimpse into packed TrueBot samples: https://malware.love/malware_analysis/reverse_engineering/2023/02/12/analyzing-truebot-packer.html
Part 2: Static Unpacker: https://malware.love/malware_analysis/reverse_engineering/2023/02/18/analyzing-truebot-static-unpacking.html (credits @lazy_daemon)
Posted by binitamshah
First world cyber problems
Detailed Analysis of Nevada Ransomware: https://www.resecurity.com/blog/article/nevada-ransomware-waiting-for-the-next-dark-web-jackpot
Posted by binitamshah
Chatting Our Way Into Creating a Polymorphic Malware: https://www.cyberark.com/resources/threat-research-blog/chatting-our-way-into-creating-a-polymorphic-malware
Posted by binitamshah
Expose Backdoors on the Way: A Feature-Based Efficient Defense against Textual Backdoor Attacks: https://aclanthology.org/2022.findings-emnlp.47.pdf (pdf)
Posted by binitamshah
MemFiles: A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
Posted by digicat
GitHub - Octoberfest7/MemFiles: A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
New AMSI lifetime bypass. It works by searching for the first byte of each instruction to prevent updates from affecting it. Check it out.
#amsi #redteam #cybersecurity
https://github.com/ZeroMemoryEx/Amsi-Killer
Posted by ZeroMemoryEx
Example of buffer overflow in Linux kernel (6.2.0-rc1) with exploit PoC by Davide Ornaghi
(CVE-2023-0179 affecting nftables)
https://seclists.org/oss-sec/2023/q1/20
#Linux #kernel #infosec #cybersecurity #cve
Posted by 0xor0ne
It's About Time - Timestamp Changes in Windows 11
Good morning,
This episode was originally scheduled for release last month, but the new Windows 11 program execution artifact was a bit more timely and took its place. This episode covers a lot of fundamental Windows timestamp knowledge, plus some important timestamp changes in recent versions of Windows.
Watch Here: https://www.youtube.com/watch?v=c7eUibpy_XM
For a complete 13Cubed Episode Guide, check out 13cubed.com/episodes.
For even more in-depth content, check out the first official 13Cubed Training Course at **training.13cubed.com**.
Posted by 13Cubed
Comment by CandidTill6: Nice!
Evasion-Escaper: Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environment or sandbox, and to pass all such checks successfully.
Posted by digicat
Comment by LeftOnQuietRoad: An interesting blog from the link you shared. Thanks for posting!
GitHub - vvelitkn/Evasion-Escaper: Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environment or sandbox, and to pass all such checks successfully.