Let's create Malware in Python : https://www.youtube.com/watch?v=UtMMjXOlRQc
Ref :
1) https://papers.vx-underground.org/papers/Other/VXUG%20Zines/2022-12-04%20-%20About%20malware%20writing%20and%20how%20to%20start.html
2) Writing a simple wiper malware : https://0x00sec.org/t/python-and-malware-writing-a-simple-wiper-malware/31652
🗣binitamshah
@malwr
YouTube
i created malware with Python (it's SCARY easy!!)
Create your Python Malware lab: https://ntck.co/linode (you get a $100 Credit good for 60 days as a new user!)
We are going to write our very own malware in Python!! It's actually scary easy to do and it will give you a peek behind the curtain of how bad…
Learning Assembly : https://www.youtube.com/playlist?list=PLHJns8WZXCdvESvdr1BRjo4RHiR1Ylhw9 credits @jstrosch (18 videos)
🗣binitamshah
@malwr
Make your iOS kernel exploration on @HexRaysSA's IDA easier using PPLorer
a plugin to resolve PPL calls to the underlying function.
https://github.com/cellebrite-labs/PPLorer
🗣omerporze
@malwr
Frebniis : New Malware Abuses Microsoft IIS Feature to Establish Backdoor : https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/frebniis-malware-iis
🗣binitamshah
@malwr
CVE-2022-24942 Heap-based buffer overflow in Silicon Labs Gecko SDK (found via automated binary analysis🖥️)
🗣attilaszia
Skimming the discovery section I saw a mention of a taint tracking module, curious about what other high-level concepts the zero-day analysis tool uses (if it's possible for you to share, I get that you have IP to protect).
Are there any e.g. whitepapers about how the system as a whole works? I'm somewhat knowledgeable about fuzzing and various approaches to that (basic coverage-guided mutation stuff, search-based, grammar-based, etc), curious if that general theory is what the dynamic analysis is based on or if there are other types of dynamic analysis I should go read up on.
👤captain_zavec
PRIS looks interesting however I wouldn't be comfortable uploading firmware blobs to the cloud for analysis by PRIS
👤WindyDaysAreWindy
Just read your article about log4j incident really cool. Keep the good work!
👤waitwatidonteven
@malwr
How I created a botnet and evaded AV and endpoint detection with one repo
🗣bilbo_begones
Great tool to add too and methods, been thinking of making my own but it's like making a puzzle I'm reverse
👤drugged_programmer
@malwr
GitHub
RoseSecurity - Overview
RoseSecurity has 24 repositories available. Follow their code on GitHub.
New SSLKillSwitch, working both jailbroken & non-jailbroken, with many extra features
https://github.com/NyaMisty/ssl-kill-switch3
🗣MiscMisty
@malwr
Nice reading from 2020 on backdoored counterfeit Cisco equipment.
Credits @FSecure
https://labs.withsecure.com/content/dam/labs/docs/2020-07-the-fake-cisco.pdf
#backdoor #infosec #malware #cybersecurity
🗣0xor0ne
@malwr
File Analysis Suite enables you to quickly and efficiently reduce information risk, analyze, optimize, and secure employee access to critical data. See how in @MicroFocusSec's new #DataProtection white paper: http://ms.spr.ly/60125enQj #DataSecurity #DataPrivacy #CyberResilience
🗣MicroFocus
@malwr
Finding the right decompiler for Python bytecode can be a pain because there are so many.
I compiled this table to check the supported versions
🗣struppigel
@malwr
Malware Analysis Series has exactly 450 pages so far:
MAS_1: https://exploitreversing.com/2021/12/03/malware-analysis-series-mas-article-1/
MAS_2: https://exploitreversing.com/2022/02/03/malware-analysis-series-mas-article-2/
MAS_3: https://exploitreversing.com/2022/05/05/malware-analysis-series-mas-article-3/
MAS_4: https://exploitreversing.com/2022/05/12/malware-analysis-series-mas-article-4/
MAS_5: https://exploitreversing.com/2022/09/14/malware-analysis-series-mas-article-5/
MAS_6: https://exploitreversing.com/2022/11/24/malware-analysis-series-mas-article-6/
MAS_7: https://exploitreversing.com/2023/01/05/malware-analysis-series-mas-article-7/
🗣ale_sp_brazil
@malwr
Exploit Reversing
Malware Analysis Series (MAS) – Article 1
The first article of MAS (Malware Analysis Series) is available for reading from: (link): Soon I have enough time, so I'll publish an HTML version of it. Have an excellent day. Alexandre Borg…
If you want to know what it's like to be grilled as a forensic expert watch this. From the Murdaugh trial today.
🗣MDCDF
Thanks. I hate it.
👤carandfreedomgeek2
Solid one. Another is the kid in Michigan for that shooting. Thanks for posting a link OP!
👤bigt252002
When does the expert testimony start?
👤FabsudNalteb
@malwr
Indirect Prompt Injection on Bing Chat : https://greshake.github.io/
New ways of breaking app-integrated LLMs : https://github.com/greshake/llm-security
Paper : https://arxiv.org/pdf/2302.12173.pdf
🗣binitamshah
@malwr