Writing a Debugger From Scratch - DbgRs Part 2 - Register State and Stepping https://www.timdbg.com/posts/writing-a-debugger-from-scratch-part-2/ #Pentesting #Debugging #CyberSecurity #Infosec
🗣ptracesecurity
🎖@malwr
AhnLab ASEC researchers look into attacks against poorly managed MS-SQL servers. The threat actors used not only Cobalt Strike but also the Netcat tool in their attacks, along with other malware for privilege escalation, information theft & proxy tools. https://asec.ahnlab.com/en/49249/
🗣virusbtn
🎖@malwr
#Fortinet released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. More: http://cisa.gov/news-events/alerts/2023/03/09/fortinet-releases-march-2023-vulnerability-advisories #Cybersecurity #InfoSec #VulnerabilityManagement
🗣CISACyber
🎖@malwr
vmlinux-to-elf is a useful tool for converting vmlinux/vmlinuz/bzImage/zImage kernel images to an ELF file that can be analyzed with IDA and Ghidra.
https://github.com/marin-m/vmlinux-to-elf
#Linux #kernel #reverseengineering #tool
🗣0xor0ne
🎖@malwr
Malware Development for Dummies : https://github.com/chvancooten/maldev-for-dummies credits @chvancooten
🗣binitamshah
🎖@malwr
GitHub
GitHub - chvancooten/maldev-for-dummies: A workshop about Malware Development
Box64 - Linux Userspace x86_64 Emulator with a twist, targeted at ARM64 Linux devices : https://github.com/ptitSeb/box64
Box86 - Linux Userspace x86 Emulator with a twist, targeted at ARM Linux devices : https://github.com/ptitSeb/box86
🗣binitamshah
🎖@malwr
GitHub
GitHub - ptitSeb/box64: Box64 - Linux Userspace x86_64 Emulator with a twist, targeted at ARM64, RV64 and LoongArch Linux devices
A dive into the PE file format - PE file structure (Part 6) : PE Base Relocations : https://0xrick.github.io/win-internals/pe7/
5 : https://0xrick.github.io/win-internals/pe6/
4 : https://0xrick.github.io/win-internals/pe5/
3 : https://0xrick.github.io/win-internals/pe4/
2 : https://0xrick.github.io/win-internals/pe3/
Writing a PE Parser : https://0xrick.github.io/win-internals/pe8/
🗣binitamshah
🎖@malwr
0xRick's Blog
A dive into the PE file format - PE file structure - Part 6: PE Base Relocations
Introduction: In this post we’re going to talk about PE base relocations. We’re going to discuss what relocations are, then we’ll take a look at the relocation table. Relocations…
Cyber Security Resources
Thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
https://github.com/The-Art-of-Hacking/h4cker
#i… https://t.me/hackgit/7855
🗣hack_git
🎖@malwr
Attacking .NET services : https://www.securifera.com/blog/2023/03/06/attacking-net-web-services/ credits @Securifera
🗣binitamshah
🎖@malwr
Securifera
Attacking .NET Web Services
This article is in no way affiliated, sponsored, or endorsed with/by Siemens Healthineers or Microsoft Corporation. All graphics are being displayed under fair use for the purposes of this article.
Last year I spent some time looking for vulnerabilities…
I've made my recent Ghidra improvements into one repository:
Ghidra's IDA like experience by @NyaMisty
https://github.com/NyaMisty/GhidraIDA
🗣MiscMisty
🎖@malwr
GitHub
GitHub - NyaMisty/GhidraIDA: Ghidra's IDA like experience by @NyaMisty
Exploring iOS Applications with Frida and Objection: Basic Commands for Pentesting
https://link.medium.com/PNqr6rWs6xb
#Security #Pentesting #SecurityEveryday #BugBounty #Pentest #AppSec
🗣busk3r
🎖@malwr
Medium
Mobile application Pentesting is an essential part of securing any organization’s mobile assets. To perform thorough penetration testing, a…
(1/2)
Here's a list of a few tools that can be useful for firmware unpacking, repacking and analysis
binwalk: https://github.com/ReFirmLabs/binwalk
EMBA: https://github.com/e-m-b-a/emba
unblob: https://github.com/onekey-sec/unblob
#iot #embedded #reverseengineering #infosec #cybersecurity
🗣0xor0ne
🎖@malwr
Researchers from Palo Alto Networks' Unit 42 Team recently discovered a new sample of Golang-based malware. GoBruteforcer targets web servers, specifically those running phpMyAdmin, MySQL, FTP and Postgres services. https://unit42.paloaltonetworks.com/gobruteforcer-golang-botnet/
🗣virusbtn
🎖@malwr
Linux Kernel Rootkits:
Part 3: A Backdoor to Root : https://xcellerator.github.io/posts/linux_rootkits_03/
Part 2: Ftrace and Function Hooking : https://xcellerator.github.io/posts/linux_rootkits_02/
Part 1: Introduction and Workflow : https://xcellerator.github.io/posts/linux_rootkits_01/ @TheXcellerator
DIY Linux Kernel Rootkit Detection : https://unfinished.bike/diy-linux-kernel-rootkit-detection
🗣binitamshah
🎖@malwr
Linux Rootkits Part 3: A Backdoor to Root
Linux Rootkits Part 3: A Backdoor to Root :: TheXcellerator
Now that you know how to make a Linux kernel module that can hook any exposed function in kernel memory (Part 1 and Part 2), let’s get down to writing a hook that does something interesting!
In this first example, we’re going to make a rootkit that intercepts…
Google Cloud Platform Exfiltration : A Threat Hunting Guide : https://www.mitiga.io/blog/google-cloud-platform-exfiltration-a-threat-hunting-guide
🗣binitamshah
🎖@malwr