Reverse Engineering – Telegram

Reverse Engineering

@reverseengineeringx

4.82K subscribers

106 photos

1 video

18 files

458 links

Everything is open-source.

The official community group: @reverseengineeringz

Download Telegram

About

Blog

Apps

Platform

Reverse Engineering

4.82K subscribers

Reverse Engineering

Double Trouble: RevengeRAT and WSHRAT

https://www.fortinet.com/blog/threat-research/malware-analysis-revenge-rat-sample.html

3.62K views22:27

Reverse Engineering

redress
go reverse engineering toolkit

https://go-re.tk/redress/

3.55K views12:59

Reverse Engineering

Various public documents, whitepapers and articles about APT campaigns

https://github.com/kbandla/APTnotes

GitHub - kbandla/APTnotes: Various public documents, whitepapers and articles about APT campaigns

Various public documents, whitepapers and articles about APT campaigns - kbandla/APTnotes

3.94K views00:26

Reverse Engineering

Standard Windows processes: a brief reference

https://www.andreafortuna.org/2017/06/15/standard-windows-processes-a-brief-reference/

Standard Windows processes: a brief reference

Useful in forensics analysis and incident response During the analysis phase, after (for example) a system compromization, is very important to know the standard Windows processes, in order to have a ‘baseline’ useful to make a ‘diff’ with the compromised…

3.86K views12:49

Reverse Engineering

https://www.youtube.com/watch?v=MhDtaFqcLUM

Setting Up Ghidra Server

We are setting up a Ghidra Server on Ubuntu 18.04 and connecting to it with TWO different users operating on Windows 7 so they can collaborate and share!

How to Install Windows VMs on Proxmox:
https://youtu.be/PTGn7yfA5B0

How to Install Ghidra on Windows:…

3.49K views06:54

Reverse Engineering

https://www.youtube.com/watch?v=DOe7WTuJ1Ac

Parent Process Spoofing and Session Prepping with Cobalt Strike

This video demonstrates Cobalt Strike 3.8's ability to run processes with an alternate parent.https://www.cobaltstrike.com/

3.78K views08:02

Reverse Engineering

Analyzing Metasploit Payloads

https://hatching.io/blog/metasploit-payloads/

Hatching - Automated malware analysis solutions

Automated malware analysis with Hatching Triage, the high-volume sandbox solution for SOCs, CERTs, SOARs, and MSSPs.

3.75K views08:03

Reverse Engineering

https://www.youtube.com/watch?v=Ml8bfFs_Tp8&t=5612s

4.08K views12:02

Reverse Engineering

https://tuanlinh.gitbook.io/ctf/golang-function-name-obfuscation-how-to-fool-analysis-tools

4.21K views03:05

Reverse Engineering

Simple windows API logger

https://github.com/d35ha/xLogger

GitHub - d35ha/xLogger: Simple windows API logger

Simple windows API logger. Contribute to d35ha/xLogger development by creating an account on GitHub.

4.31K views04:57

Reverse Engineering

https://www.youtube.com/watch?v=pj20pGBV8PA

DalvikDebugTut01 Android Ida Pro Debugging

4.35K views15:17

Reverse Engineering

Dalvik opcodes

http://pallergabor.uw.hu/androidblog/dalvik_opcodes.html

pallergabor.uw.hu

4.14K views16:15

Reverse Engineering

VBA Stomping - Advanced Maldoc Techniques

https://medium.com/walmartlabs/vba-stomping-advanced-maldoc-techniques-612c484ab278

VBA Stomping — Advanced Maldoc Techniques

Authors: Kirk Sayre (@bigmacjpg), Harold Ogden (@haroldogden) and Carrie Roberts (@OrOneEqualsOne)

4.43K views05:49

Reverse Engineering

https://www.youtube.com/watch?v=JPvcLLYR0tE

IRC Botnet Reverse Engineering Part 1 - Preparing Binary for Analysis in IDA PRO

The first part of our in-depth malware reverse engineering series analyzing an IRC worm from 2010. In this part we use IDA Pro and Python to decrypt the strings and resolved the dynamic imports to prepare the binary for analysis....

-----
OALABS DISCORD…

5.03K views09:06

Reverse Engineering

Ghidra Extension to integrate BinDiff for function matching

https://github.com/ubfx/BinDiffHelper

GitHub - ubfx/BinDiffHelper: Ghidra Extension to integrate BinDiff for function matching

Ghidra Extension to integrate BinDiff for function matching - ubfx/BinDiffHelper

5.18K views13:17

Reverse Engineering

DynamoRIO

DynamoRIO is a runtime code manipulation system that supports code transformations on any part of a program, while it executes. DynamoRIO exports an interface for building dynamic tools for a wide variety of uses: program analysis and understanding, profiling, instrumentation, optimization, translation, etc.

https://github.com/DynamoRIO/dynamorio

GitHub - DynamoRIO/dynamorio: Dynamic Instrumentation Tool Platform

Dynamic Instrumentation Tool Platform. Contribute to DynamoRIO/dynamorio development by creating an account on GitHub.

5.58K views06:04

Reverse Engineering

emerald
Import DynamoRIO drcov code coverage data into Ghidra

https://github.com/reb311ion/emerald

4.77K views05:41

Reverse Engineering

sysmon-modular

a sysmon configuration repository for everybody to customise

https://github.com/olafhartong/sysmon-modular

4.96K views07:08

Reverse Engineering

sysmon-config

a sysmon configuration file for everybody to fork

https://github.com/SwiftOnSecurity/sysmon-config

GitHub - SwiftOnSecurity/sysmon-config: Sysmon configuration file template with default high-quality event tracing

Sysmon configuration file template with default high-quality event tracing - SwiftOnSecurity/sysmon-config

5.24K views07:11

Reverse Engineering

https://youtu.be/FAFuSO9oAl0

IRC Botnet Reverse Engineering Part 3 - How To Sinkhole A Botnet

This is the final part or our in-depth malware reverse engineering series analyzing an IRC worm from 2010. In this part we perform a final high level analysis of the malware then then use our analysis to build a sinkhole for the botnet!

-----
OALABS DISCORD…

4.57K views20:00