Ghidra Basics - Identifying, Decoding and Fixing Encrypted Strings
https://embee-research.ghost.io/ghidra-basics-identifying-and-decoding-encrypted-strings/
Embee Research
How To Use Ghidra For Malware Analysis - Identifying, Decoding and Fixing Encrypted Strings
Manual identification, decryption and fixing of encrypted strings using Ghidra and x32dbg.
Bypassing UAC via COM component IARPUninstallStringLauncher
https://3gstudent.github.io/通过COM组件IARPUninstallStringLauncher绕过UAC
3gstudent-Blog
Bypassing UAC via the COM component IARPUninstallStringLauncher
0x00 Preface
Reverse engineering Android 2FA OTP application
https://marcoguerri.github.io/2023/09/09/android-home-banking.html
marcoguerri
Reverse engineering Android 2FA OTP application
As part of my disaster recovery plan, I want to have offline backup of 2FA codes for online banking to generate OTPs without my phone in case of emergency. This required reverse engineering my bank’s Android OTP application, that I expected would reveal some…
Powershell Tips & Tricks(RTC0024)
https://redteamrecipe.com/powershell-tips-tricks/
Mapping Virtual to Physical Addresses Using Superfetch
https://www.outflank.nl/blog/2023/12/14/mapping-virtual-to-physical-adresses-using-superfetch/
pandora
A red team tool that assists in extracting/dumping master credentials and/or entries from different password managers:
- Chromium
- 1Password
- Firefox
- Dashlane
- Keeper
- LastPass
- Roboform
- Bitwarden
- Norton
- Bitdefender
- Ironvest
- Passwarden
- Avira
- Passwordboss
https://github.com/efchatz/pandora
GitHub
GitHub - efchatz/pandora: A red team tool that assists in extracting/dumping master credentials and/or entries from different…
A red team tool that assists in extracting/dumping master credentials and/or entries from different password managers. - efchatz/pandora
A useful resource containing information about all the CVEs that Microsoft patches in its monthly updates.
https://patchapalooza.com/
AtlasLdr
Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls
https://github.com/Krypteria/AtlasLdr
GitHub
GitHub - Krypteria/AtlasLdr: Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls
Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls - Krypteria/AtlasLdr
The art of subdomain monitoring
https://medium.com/@muhannadahmed042/the-art-of-subdomain-monitoring-da610a0f8031
SMTP Smuggling - Spoofing E-Mails Worldwide
https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
SEC Consult
SMTP Smuggling - Spoofing E-Mails Worldwide
Introducing a novel technique for e-mail spoofing
By combining Frida with an enhanced version of Tenet, Frinet facilitates the study of large programs, vulnerability research and root-cause analysis on iOS, Android, Windows and most architectures.
https://www.synacktiv.com/publications/frinet-reverse-engineering-made-easier
Synacktiv
Frinet: reverse-engineering made easier
Ghidriff: Ghidra Binary Diffing Engine
https://clearbluejar.github.io/posts/ghidriff-ghidra-binary-diffing-engine/
clearbluejar
Ghidriff: Ghidra Binary Diffing Engine
As seen in most security blog posts today, binary diffing tools are essential for reverse engineering, vulnerability research, and malware analysis. Patch diffing is a technique widely used to identify changes across versions of binaries as related to security…
Amass: New Config File Update
https://medium.com/@hackerassociate/amass-new-config-file-update-e95d09b6eb70
Medium
Amass: New Config File Update
Bug Bounty Tutorial
Breaking Fortinet Firmware Encryption
https://bishopfox.com/blog/breaking-fortinet-firmware-encryption
Bishop Fox
Breaking Fortinet Firmware Encryption
Review our latest Fortinet analysis that breaks encryption on firmware images, leading to improved detection, fingerprinting, and exploit development.