Can we use large language models (LLMs) with IDA? Let's cover ChatGPT, Bard, the Gepetto plugin and the upcoming ask_ida plugin! https://youtu.be/bK80Bt9uRvo
Source: allthingsida
Via: @malwr
YouTube
LLMs, ChatGPT, Bard, Gepetto and ask_ida!
In this video we show how you can use tools like ChatGPT or Bard to increase our reverse engineering productivity.
We then mention the Gepetto IDA plugin (by JusticeRage) that uses the OpenAI API to explain functions and rename local variables in the pseudo…
Team Cymru's S2 Research Team present a short update report providing insight into the operation of Vidar, demonstrating the evolution of its management infrastructure and evidence of steps taken by the threat actors to potentially cover their tracks. https://www.team-cymru.com/post/darth-vidar-the-aesir-strike-back
Source: virusbtn
Via: @malwr
Forensia - Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase http://www.kitploit.com/2023/06/forensia-anti-forensics-tool-for-red.html
Source: Dinosn
Via: @malwr
KitPloit - PenTest & Hacking Tools
List of awesome reverse engineering resources
https://github.com/wtsxDev/reverse-engineering
Source: Dinosn
Via: @malwr
Excellent blog post on reverse engineering and pwning a Google Home Mini smart speaker.
A must read for anyone interested in embedded device security and vulnerability research.
https://downrightnifty.me/blog/2022/12/26/hacking-google-home.html
#iot #embedded #infosec #cybersecurity
Source: 0xor0ne
Via: @malwr
"Run in Sandbox: a quick way to run/extract files in Windows Sandbox from a right-click":
https://github.com/damienvanrobaeys/Run-in-Sandbox
Source: VessOnSecurity
Via: @malwr
GitHub
Run PS1, VBS, CMD, EXE, MSI, Intunewin, MSIX, or extract ISO, ZIP in Windows Sandbox very quickly just from a right-click - damienvanrobaeys/Run-in-Sandbox
Cado Security researchers look into an attack pattern that could be attributed to the threat actor Diicot (formerly "Mexals"), targeting SSH servers exposed to the internet with password authentication enabled. https://www.cadosecurity.com/tracking-diicot-an-emerging-romanian-threat-actor/
Source: virusbtn
Via: @malwr
AhnLab ASEC researchers analyse some cases of the document files used by Kimsuky during May to distribute malicious code. Malicious CHM files were used, with various topics including coins, taxation & contracts. https://asec.ahnlab.com/ko/53426/
Source: virusbtn
Via: @malwr
Android App Reverse Engineering 101
https://www.ragingrock.com/AndroidAppRE/
#CyberSecurity #malware
Source: 0xAsm0d3us
Via: @malwr
Windows Triaging with PowerShell:
Part 1: Parsing Event Logs:
https://aditya-pratap9557.medium.com/windows-triaging-with-powershell-part-1-parsing-event-logs-a6748657d150
Part 2: Artifacts Collection:
https://aditya-pratap9557.medium.com/windows-triaging-with-powershell-part-2-artifacts-collection-d28a8a9010cd
Source: VessOnSecurity
Via: @malwr
Medium
Windows Triaging with Powershell - Part 1: Parsing Event Logs
This is the part 1 for Triaging a Windows system with Powershell. On a Windows machine, Event Logs play an important role in determining a…
GitHub - archcloudlabs/HackSpaceCon_Malware_Analysis_Course: Free training course offered at Hack Space Con 2023 https://github.com/archcloudlabs/HackSpaceCon_Malware_Analysis_Course
Source: akaclandestine
Via: @malwr
GitHub - mnrkbys/ma2tl: macOS forensic timeline generator using the analysis result DBs of mac_apt https://github.com/mnrkbys/ma2tl
Source: akaclandestine
Via: @malwr
eSentire researchers present a report on Resident, a malicious campaign targeting manufacturing, commercial & healthcare organizations. The Resident campaign is linked to Asylum Ambuscade/TA866. https://www.esentire.com/blog/esentire-threat-intelligence-malware-analysis-resident-campaign
Source: virusbtn
Via: @malwr
We welcome @doc_guard to VirusTotal! https://blog.virustotal.com/2023/06/virustotal-docguard.html by @karlhiramoto
Source: virustotal
Via: @malwr
Forwarded from CVE Notify
CVE-2023-29353
Sysinternals Process Monitor for Windows Denial of Service Vulnerability
Via: @cveNotify
Exploiting Windows' vulnerabilities with Hyper-V: A Hacker's swiss army knife https://reversing.info/posts/hyperdeceit/
Source: reverseame
Via: @malwr
Xyrem Engineering
In this blog, we explore how to leverage the implementation of the Hyper-V virtualization technology to exploit and attack Windows systems and learn what measures should be taken to mitigate this vulnerability. Join us as we explore the world of Windows hacking…
Callisto - Automated Binary Vulnerability Discovery Tool https://www.reddit.com/r/netsec/comments/14fvrzh/callisto_automated_binary_vulnerability_discovery/
Source: Dinosn
Via: @malwr
Zscaler ThreatLabz researchers provide detailed insights into the campaigns associated with the RedEnergy stealer-as-a-ransomware malware variant they recently discovered, along with a technical analysis of its stealer & ransomware characteristics. https://www.zscaler.com/blogs/security-research/ransomware-redefined-redenergy-stealer-ransomware-attacks
Source: virusbtn
Via: @malwr