Source Byte

windows rootkit dev series Part 1 https://idov31.github.io/2022/07/14/lord-of-the-ring0-p1.html

Windows Defender Killer | C++ Code Disabling Permanently Windows Defender using Registry Keys https://github.com/S12cybersecurity/WinDefenderKiller

Understanding the PE+ File Format credit :allthingsida [ 01 ] The Headers [ 02 ] Imports [ 03 ] Exports [ 04 ] Entry Points and TLS Callbacks ——— @islemolecule_source

In less than a couple of days, the first fixes for 0-day, discovered as part of the Pwn2Own Vancouver 2024 hacker competition, rolled out. The first deals with out-of-bounds (OOB) writing (CVE-2024-29943) for remote code execution, and the second implements Mozilla Firefox sandbox escape via an untrusted function (CVE-2024-29944). Mozilla says the first vulnerability could allow attackers to access a JavaScript object out of bounds by exploiting range-based bounds checking elimination on affected systems. An attacker was able to perform an out-of-range read or write to a JavaScript object by tricking the elimination of range-based bounds checking. The second flaw is described as privileged execution of JavaScript via event handlers, which could allow an attacker to execute arbitrary code in the parent process of the Firefox Desktop web browser. Mozilla has fixed security flaws in Firefox 124.0.1 and Firefox ESR 115.9.1, blocking potential remote code execution attacks that target unpatched browsers. The speed is certainly encouraging, especially considering that after the Pwn2Own competition, vendors are usually in no hurry to release fixes, counting on a 90-day delay until Trend Micro's Zero Day Initiative reveals them publicly. In addition to Mozilla Firefox, the researcher also successfully uncovered Apple Safari, Google Chrome and Microsoft Edge, whose suppliers are now also analyzing the essence of the problems and preparing their patches. https://www.mozilla.org/en-US/security/advisories/mfsa2024-15/#CVE-2024-29943

R 3.4.4 (Windows 10 x64) - Buffer Overflow SEH (DEP/ASLR Bypass) https://www.ired.team/offensive-security/code-injection-process-injection/binary-exploitation/seh-based-buffer-overflow https://www.exploit-db.com/exploits/47122

A Syscall Journey in the Windows Kernel https://alice.climent-pommeret.red/posts/a-syscall-journey-in-the-windows-kernel/

Table of contents  Chapter 1: The Internal Language of Computers Chapter 2: Combinatorial Logic Chapter 3: Sequential Logic Chapter 4: Computer Anatomy Chapter 5: Computer Architecture Chapter 6: Communications Breakdown Chapter 7: Organizing Data Chapter 8: Language Processing Chapter 9: The Web Browser Chapter 10: Application and System Programming Chapter 11: Shortcuts and Approximations Chapter 12: Deadlocks and Race Conditions Chapter 13: Security Chapter 14: Machine Intelligence Chapter 15: Real-World Considerations

Exploiting the libwebp Vulnerability, Part 2: Diving into Chrome Blink https://www.darknavy.org/blog/exploiting_the_libwebp_vulnerability_part_2/

The Interactive IDA Plugin List https://vmallet.github.io/ida-plugins/

TD-LTE Irancell modem TK-2510 can be hacked/unlocked!? | Hardware Hack Part 2 Credit : saeed haghi-pour Language: Persian https://sisoog.com/2024/03/24/the-second-part-of-hardware-hacking/

One of the best channel Best

Windows exploitation by Fu11Shade https://web.archive.org/web/20200506122824/https://fullpwnops.com/windows-exploitation-pathway.html

Reverse engineering blogs and others https://xn--qckyd1c.xn--w8je.xn--tckwe/2021/10/02/Reverse-Engineering-Roadmap/

How to Learn Binary Exploitation Roadmap Courses: pwn.college and Nightmare: Roppers Remix https://www.hoppersroppers.org/roadmap/training/pwning.html