Introduction
This is the first post of a series which regards development of malicious software. In this series we will explore and try to implement multiple techniques used by malicious applications to execute code, hide from defenses and persist.
Let’s…

New software supply chain vulnerabilities use artifact poisoning and attack the software development pipelines on projects using GitHub Actions.

Hello fellow red teamers, I was thinking of a way to obfuscate C2 traffic and got myself an idea. Why not chain the traffic over some…

As we report more fully below, in the wake of Russian battlefield losses to Ukraine this fall, Moscow has intensified its multi-pronged hybrid technology approach to pressure the sources of Kyiv’s military and political support, domestic and foreign. This…

DoS Attacks are Dead: Demystifying Practical DoS Attacks.

An introduction to Ghidra's primary components and the information they provide

Plugin for loading MachO kernelcache and dSYM files to Binary Ninja - skr0x1c0/binja_kc

Whenever I need to debug a protected process, I usually disable the protection in the Kernel so that I can attach a User-mode debugger. This has always served me well until it sort of backfired.

Background
Some time ago, we were playing with some Netgear routers and we learned so much from this target.
However, Netgear recently patched several vulnerabilities in their RAX30 router firmware, including the two vulnerabilities in the DHCP interface…

Vulnerability intelligence that predicts avenues of attack with speed and accuracy.

В этом блоге вы можете найти информацию об актуальных атаках хакерских группировок по всему миру, разбор их инструментов, информацию об инцидентах, TTP группировок, индикаторы компрометации и названия детектов в наших продуктах

In my introductory post I had been talking about dynamic memory allocation and I referenced various solutions that are used to tackle this…

In my last post I had been talking about the heap structure in the context of the ptmalloc allocator. I went through some basic concepts…

This is an opinionated guide. After 12 years of reverse engineering professionally, I have developed strong beliefs on how to get good at RE.

In the previous parts (1, 2) we discussed about the heap structure and we tried to simplify these concepts using a real life example. You…

New software supply chain vulnerabilities use artifact poisoning and attack the software development pipelines on projects using GitHub Actions.

This post is part of a series of articles related to x64 Linux Binary Exploitation techniques. Summarising on my previous posts, we began…

Cyble analyzes DuckLogs - a new Malware-as-a-Service that provides sophisticated malware features to Threat Actors at a relatively low price.