Did you know you can tell IDA to load additional types for Windows API? See how to do that π https://hex-rays.com/blog/igors-tip-of-the-week-140-loading-pdb-types/?utm_source=Social-Media-Post&utm_medium=Twitter&utm_campaign=Igor-Tip-140
#IgorsTipOfTheWeek #IDAtips #IDAProTutorials
π£HexRaysSA
π@malwr
#IgorsTipOfTheWeek #IDAtips #IDAProTutorials
π£HexRaysSA
π@malwr
Check Point has published its April 2023 Global Threat Index report: AgentTesla was the most prevalent malware last month, with an impact of 10% worldwide organizations, followed by Qbot with a global impact of 7%, and Formbook with a global impact of 6%. https://blog.checkpoint.com/security/april-2023s-most-wanted-malware-qbot-launches-substantial-malspam-campaign-and-mirai-makes-its-return/
π£virusbtn
π@malwr
π£virusbtn
π@malwr
JPCERT/CC has observed attacks on cryptocurrency exchanges believed to be related to the DangerousPassword attack campaign (aka CryptoMimic or SnatchCrypto). They describe the new attack technique used recently by DangerousPassword. https://blogs.jpcert.or.jp/en/2023/05/dangerouspassword.html
π£virusbtn
π@malwr
π£virusbtn
π@malwr
π Just released an updated Windows API function cheatsheet! ππ» Level up your skills in #ReverseEngineering #MalwareAnalysis and more with this comprehensive resource. #WindowsAPI #CheatSheet
π Check it out: https://github.com/snowcra5h/windows-api-function-cheatsheets
π£snowcra5h
π@malwr
π Check it out: https://github.com/snowcra5h/windows-api-function-cheatsheets
π£snowcra5h
π@malwr
GitHub
GitHub - 7etsuo/windows-api-function-cheatsheets: A reference of Windows API function calls, including functions for file operationsβ¦
A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization,...
π2
Guide to Enterprise Patch Management Planning
Source: NIST
Download Link:
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-40r4.pdf
For more unique resources and tools for the cyber community, please visit:
https://cyberstartupobservatory.com/cyber-startup-observatory-community/
#CyberSecurity #InfoSec #InformationSecurity
π£JMonteagudoE
π@malwr
Source: NIST
Download Link:
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-40r4.pdf
For more unique resources and tools for the cyber community, please visit:
https://cyberstartupobservatory.com/cyber-startup-observatory-community/
#CyberSecurity #InfoSec #InformationSecurity
π£JMonteagudoE
π@malwr
Selena Larson (@selenalarson), Joe Wise (@joewise34) & the Proofpoint Threat Research Team examine major landscape shifts and common tactics, techniques & procedures (TTPs) adopted by a variety of threat actors over the last year. https://www.proofpoint.com/us/blog/threat-insight/crime-finds-way-evolution-and-experimentation-cybercrime-ecosystem
π£virusbtn
π@malwr
π£virusbtn
π@malwr
Excited to have several of our engineers @offensive_con this week! Among them will be @yarden_shafir, who gives us an intro to Windows Notification Facility's (WNF) Code Integrity features in our latest blog post.
https://blog.trailofbits.com/2023/05/16/introducing-windows-notification-facilitys-wnf-code-integrity/
π£trailofbits
π@malwr
https://blog.trailofbits.com/2023/05/16/introducing-windows-notification-facilitys-wnf-code-integrity/
π£trailofbits
π@malwr
Latest Certified Ethical Hacker (CEHv12)
Free resources drive, featuring video lectures, PDF
notes, and practical labs - all at your fingertips!
https://mega.nz/folder/xacxzDxI#wPLPpfdk8m8lCmM-X0BbvQ
π£khalilApriday
π@malwr
Free resources drive, featuring video lectures, PDF
notes, and practical labs - all at your fingertips!
https://mega.nz/folder/xacxzDxI#wPLPpfdk8m8lCmM-X0BbvQ
π£khalilApriday
π@malwr
mega.nz
File folder on MEGA
Best of Wireshark Filter Cheat Sheet
Credit: https://cellstream.com/wireshark-profiles-repository/β¦
#infosec #cybersecurity #pentesting #Wireshark #informationsecurity #DataSecurity #CyberSec #bugbountytips #Linux #websecurity #Network #NetworkSecurity #cybersecurityawareness
π£Shubham_pen
π@malwr
Credit: https://cellstream.com/wireshark-profiles-repository/β¦
#infosec #cybersecurity #pentesting #Wireshark #informationsecurity #DataSecurity #CyberSec #bugbountytips #Linux #websecurity #Network #NetworkSecurity #cybersecurityawareness
π£Shubham_pen
π@malwr
π2
DroidFrida: Android app for executing frida scripts directly on your android device
https://github.com/ac3ss0r/DroidFrida/
π£tbbhunter
π@malwr
https://github.com/ac3ss0r/DroidFrida/
π£tbbhunter
π@malwr
GitHub
GitHub - ac3ss0r/DroidFrida: Portable frida injector for rooted android devices.
Portable frida injector for rooted android devices. - ac3ss0r/DroidFrida
𧩠Chrome Extensions - Forensics https://vikas-singh.notion.site/vikas-singh/Chrome-Extensions-Forensics-82d0154c650747a695a776d53a9114fd
π£akaclandestine
π@malwr
π£akaclandestine
π@malwr
Vikas's Notion on Notion
Chrome Extensions - Forensics
Background and Scope
Cisco Talos researchers recently discovered a new ransomware actor called RA Group that has been operating since at least April 22, 2023 using suspected leaked Babuk ransomware source code and targeting companies in the US & South Korea. https://blog.talosintelligence.com/ra-group-ransomware/
π£virusbtn
π@malwr
π£virusbtn
π@malwr
Let's start working with the debugger from IDAPython. Easy topics first: process state, debugger modules and debug names. https://youtu.be/rgyTaXkPzfM
π£allthingsida
π@malwr
π£allthingsida
π@malwr
YouTube
IDAPython: Enumerating loaded modules and debug names
In this video, we explain the concept of a process state, how to enumerate loaded modules and debug names
New blog post: Cobalt Strike and YARA - Can I have your signature? https://www.cobaltstrike.com/blog/cobalt-strike-and-yara-can-i-have-your-signature/
π£joehowwolf
π@malwr
π£joehowwolf
π@malwr
DevSecOps Fundamentals Guidebook
Source: DoD
Download Link (PDF):
https://dodcio.defense.gov/Portals/0/Documents/Library/DevSecOps%20Fundamentals%20Guidebook-DevSecOps%20Tools%20and%20Activities_DoD-CIO_20211019.pdf
For more unique resources and tools for the cyber community, please visit:
https://cyberstartupobservatory.com/cyber-startup-observatory-community/
#CyberSecurity #InfoSec #InformationSecurity
π£CyberInnSummits
π@malwr
Source: DoD
Download Link (PDF):
https://dodcio.defense.gov/Portals/0/Documents/Library/DevSecOps%20Fundamentals%20Guidebook-DevSecOps%20Tools%20and%20Activities_DoD-CIO_20211019.pdf
For more unique resources and tools for the cyber community, please visit:
https://cyberstartupobservatory.com/cyber-startup-observatory-community/
#CyberSecurity #InfoSec #InformationSecurity
π£CyberInnSummits
π@malwr