A Very Cool Process Injector That supports both Shellcode injection and dll injection
https://github.com/B4shCr00k/R4venInject0r
@malwr
GitHub
GitHub - pseud0c1de/R4venInject0r: A Very Cool Process Injector That supports both Shellcode injection and dll injection
A Very Cool Process Injector That supports both Shellcode injection and dll injection - pseud0c1de/R4venInject0r
sigmaker is an IDA Pro 9.0+ cross-platform signature maker plugin that works on MacOS/Linux/Windows. It allows configurable wildcard operand patterns and signature generation just by right clicking.
https://github.com/mahmoudimus/ida-sigmaker
@malwr
GitHub
GitHub - mahmoudimus/ida-sigmaker: sigmaker is a zero-dependency IDA Pro 9.0+ cross-platform signature maker plugin with optional…
sigmaker is a zero-dependency IDA Pro 9.0+ cross-platform signature maker plugin with optional SIMD (e.g. AVX2/NEON/SSE2) speedups that works on MacOS/Linux/Windows. It allows configurable wildcard...
Multi-architecture emulation for the modern era.
https://github.com/styx-emulator/styx-emulator
@malwr
GitHub
GitHub - styx-emulator/styx-emulator: Multi-architecture emulation for the modern era.
Multi-architecture emulation for the modern era. Contribute to styx-emulator/styx-emulator development by creating an account on GitHub.
Electron Research in Desktop apps [Part 1]
https://blog.securelayer7.net/electron-app-security-risks/
@malwr
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
Electron Research in Desktop apps [Part 1]
What's electron?, the design of electron desktop app, the story bug of the bug, the static code of the bug and how to find it, how to develop it and explain the code, explain how to discover it,...
CISA Shares Lessons Learned from an Incident Response Engagement
https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-266a
@malwr
During analysis of an Android banking trojan, you notice it requests the Accessibility Service. What is the most likely purpose?
Final Results
80%: To capture screen taps and keystrokes
8%: To disable Play Store protections
7%: To bypass network encryption
5%: To spoof device geolocation
While analyzing a malicious MSI installer, you see custom actions triggered during installation. What should you examine first?
Final Results
68%: Embedded scripts in the MSI tables
4%: MSI icon resources
12%: Installer digital signature
17%: Default installation path
You find a malicious Word doc that spawns eqnedt32.exe. What is this behavior linked to?
Final Results
30%: Hiding payload inside OLE package
52%: Exploiting legacy Office equation editor
10%: Blocking macro detection in Word
8%: Using ActiveX to download scripts
A phishing attachment executes an HTA script that loads PowerShell via COM. How do you capture the executed commands?
Final Results
11%: Only capture network traffic
21%: Disassemble the HTA file statically
8%: Search browser history for executed URLs
61%: Enable PowerShell script block logging before executing the sample
Forwarded from CVE Notify
CVE-2025-55182
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.
@cveNotify
react.dev
Critical Security Vulnerability in React Server Components – React
The library for web and native user interfaces