Just released an updated Windows API function cheatsheet! Level up your skills in #ReverseEngineering #MalwareAnalysis and more with this comprehensive resource. #WindowsAPI #CheatSheet
Check it out: https://github.com/snowcra5h/windows-api-function-cheatsheets
snowcra5h
@malwr
GitHub
GitHub - 7etsuo/windows-api-function-cheatsheets: A reference of Windows API function calls, including functions for file operations…
A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization,...
Guide to Enterprise Patch Management Planning
Source: NIST
Download Link:
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-40r4.pdf
For more unique resources and tools for the cyber community, please visit:
https://cyberstartupobservatory.com/cyber-startup-observatory-community/
#CyberSecurity #InfoSec #InformationSecurity
JMonteagudoE
@malwr
Selena Larson (@selenalarson), Joe Wise (@joewise34) & the Proofpoint Threat Research Team examine major landscape shifts and common tactics, techniques & procedures (TTPs) adopted by a variety of threat actors over the last year. https://www.proofpoint.com/us/blog/threat-insight/crime-finds-way-evolution-and-experimentation-cybercrime-ecosystem
virusbtn
@malwr
Excited to have several of our engineers @offensive_con this week! Among them will be @yarden_shafir, who gives us an intro to Windows Notification Facility's (WNF) Code Integrity features in our latest blog post.
https://blog.trailofbits.com/2023/05/16/introducing-windows-notification-facilitys-wnf-code-integrity/
trailofbits
@malwr
Latest Certified Ethical Hacker (CEHv12)
Free resources drive, featuring video lectures, PDF
notes, and practical labs - all at your fingertips!
https://mega.nz/folder/xacxzDxI#wPLPpfdk8m8lCmM-X0BbvQ
khalilApriday
@malwr
Best of Wireshark Filter Cheat Sheet
Credit: https://cellstream.com/wireshark-profiles-repository/…
#infosec #cybersecurity #pentesting #Wireshark #informationsecurity #DataSecurity #CyberSec #bugbountytips #Linux #websecurity #Network #NetworkSecurity #cybersecurityawareness
Shubham_pen
@malwr
DroidFrida: Android app for executing frida scripts directly on your android device
https://github.com/ac3ss0r/DroidFrida/
tbbhunter
@malwr
GitHub
GitHub - ac3ss0r/DroidFrida: Portable frida injector for rooted android devices.
Portable frida injector for rooted android devices. - ac3ss0r/DroidFrida
Chrome Extensions - Forensics https://vikas-singh.notion.site/vikas-singh/Chrome-Extensions-Forensics-82d0154c650747a695a776d53a9114fd
akaclandestine
@malwr
Vikas's Notion on Notion
Chrome Extensions - Forensics
Background and Scope
Cisco Talos researchers recently discovered a new ransomware actor called RA Group that has been operating since at least April 22, 2023 using suspected leaked Babuk ransomware source code and targeting companies in the US & South Korea. https://blog.talosintelligence.com/ra-group-ransomware/
virusbtn
@malwr
Let's start working with the debugger from IDAPython. Easy topics first: process state, debugger modules and debug names. https://youtu.be/rgyTaXkPzfM
allthingsida
@malwr
YouTube
IDAPython: Enumerating loaded modules and debug names
In this video, we explain the concept of a process state, how to enumerate loaded modules and debug names
New blog post: Cobalt Strike and YARA - Can I have your signature? https://www.cobaltstrike.com/blog/cobalt-strike-and-yara-can-i-have-your-signature/
joehowwolf
@malwr
DevSecOps Fundamentals Guidebook
Source: DoD
Download Link (PDF):
https://dodcio.defense.gov/Portals/0/Documents/Library/DevSecOps%20Fundamentals%20Guidebook-DevSecOps%20Tools%20and%20Activities_DoD-CIO_20211019.pdf
For more unique resources and tools for the cyber community, please visit:
https://cyberstartupobservatory.com/cyber-startup-observatory-community/
#CyberSecurity #InfoSec #InformationSecurity
CyberInnSummits
@malwr
Checkpoint researchers have discovered & analysed a malicious firmware implant tailored for TP-Link routers, used in campaigns linked to Chinese APT group Camaro Dragon. The Horse Shell router implant provides remote shell, file transfer & SOCKS tunneling https://research.checkpoint.com/2023/the-dragon-who-sold-his-camaro-analyzing-custom-router-implant/
virusbtn
@malwr
Secureworks researchers look into the infostealer ecosystem. The evolution of criminal marketplaces allows relatively low-skilled threat actors to access tools with advanced capabilities to attack many victims. https://www.secureworks.com/research/the-growing-threat-from-infostealers
virusbtn
@malwr
Zscaler's Santiago Vicente & Brett Stone-Gross present a technical analysis of the CryptNet ransomware and look at its close relationship with the Yashma ransomware. https://www.zscaler.com/blogs/security-research/technical-analysis-cryptnet-ransomware
virusbtn
@malwr
Symantec researchers analyse the Merdoor backdoor, used very selectively by the Lancefly threat group in attacks targeting organizations in South and Southeast Asia. https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/lancefly-merdoor-zxshell-custom-backdoor
virusbtn
@malwr