TL;DR

In this [RE]laxing new series, I fully reverse a Linux Backdoor (BPFDoor) from start to finish. In Part 3, we start examining the iptables commands and discover the code for binding the socket.

These extensive "Deep Dive" segments concentrate on dissecting…

Gain insights into the Fluhorse malware campaign as we've managed to fully reverse engineer the malicious Flutter applications. Learn more.…

Contribute to OffenseTeacher/Steganim development by creating an account on GitHub.

После захода солнца в течение 30-60 минут мины хорошо видны через дрон с теплаком. Лететь надо на высоте 60-70 м, мины видны даже в траве, МОН, ПМ, ТМ и т.д. https://t.co/gFnilTvapy #хозяйке_на_заметку

BUS Auditor is a compact multi-protocol tool used for scanning and identifying debugging and communication interfaces exposed on any hardware board. It can brute force several hardware protocols including JTAG, arm SWD, UART, and I2C. The device has 16 channels…

Qbot Analysis: How to Protect Yourself from This Dangerous Malware

Introduction

Guest lecture about Windows Internals (aimed at total beginners), given at the Ruhr-Universität Bochum. Slides: https://mrexodia.github.io/files/wicc-2023-slides.pdf, Materials: https://mrexodia.github.io/files/wicc-2023-materials.zip

Modern Binary Diffing Joxean Koret

This x64dbg plugin allows you to upload your sample to Malcore and view the results. - Internet-2-0/Malcore-x64dbg

Recently, I made the decision to finally publish my tool focused on unpacking, called Shinigami. The idea for Shinigami came to me two years ago, but I never actually implemented it until now. Initially, it was designed to dump implants injected via process…

This article delves into the concept of grey-box fuzzing, focusing on testing closed-source Windows binaries. Grey-box fuzzing allows vulnerability researchers to discover undiscovered vulnerabilities by fuzzing targets without having access to their source…

We present the design and construction of a robot that reliably extracts contents of RAM of modern embedded devices at runtime. We discuss the practical engineering challenges and solutions of adapting the traditional cold-boot attack to non-removable DDR…

The Threat Actor Profile Guide for CTI Analysts. Contribute to curated-intel/Threat-Actor-Profile-Guide development by creating an account on GitHub.