现已上线!2025 年 Telegram 研究 — 年度关键洞察 
Source Byte
前往频道在 Telegram
هشیار کسی باید کز عشق بپرهیزد وین طبع که من دارم با عقل نیامیزد Saadi Shirazi 187
显示更多7 850
订阅者
+124 小时
+287 天
+16930 天
帖子存档
7 849
Fuzzing in the 2020s:
Novel Approaches and Solutions
Thèse présentée et soutenue à Biot, le 8/12/2023, par
Andrea Fioraldi
#Fuzzing
7 849
Right-to-Left Override (RLO) Extension Spoofing
Rename-Item -Path malware.exe -NewName ("Ann" + ( [char]0x202E) + "gepj.exe")malware.exe becomes Annexe.jpeg
https://attack.mitre.org/techniques/T1036/002/7 849
Repost from Forensic In persian
سلام و درود خدمت تمامی همراههای کانال فورنزیک به فارسی
ضمن آرزوی قبولی طاعات و عبادات قبلاً به شما قبلاً قول داده بودم که یک کتاب جامع و عملی در حوزه تحلیل بدافزار برای شما آماده کنم.
در این پست قصد دارم کتاب عملی تحلیل بدافزاری رو که بهتون قول داده بودم رو رونمایی کنم؛ توی این کتاب طی 200 صفحه به صورت کاملاً عملی، علمی و کاربردی به آموزش موضوع پرداختیم.
به جرأت میشه گفت که کاملترین کتاب تحلیل بدافزاری هست که به زبان فارسی منتشر شده، قطعاً از مطالعه کتاب لذت خواهید برد. سوالاتتون رو حتماً از ما (از طریق ایمیل) بپرسید در کوتاه ترین زمان پاسخگوی شما خواهیم بود.
رمز فایل : @forensicIR
MD5 Hash: DA31226349D1B594D749D411315A2A78
#MalwareAnalysis #تحلیل_بدافزار #تیم_آبی
7 849
Repost from white2hack 📚
+1Hacking Windows, first edition, Kevin Thomas, 2022
On November 20, 1985, Microsoft introduced the Windows operating environment which was nothing more than a graphical operating shell for MS-DOS.
Today we begin our journey into the Win32API. This book will take you step-by-step writing very simple Win32API’s in both x86 and x64 platforms in C and then reversing them both very carefully using the world’s most popular Hey Rays IDA Free tool which is a stripped down version of the IDA Pro tool used in more professional Reverse Engineering environments. Let’s begin...
#book #windows
7 849
IDA plugin to display the calls and strings referenced by a function as hints.
https://gist.github.com/williballenthin/eeea2093888e8d4004ec06b5a1dede1e
7 849
Rhadamanthys –deep dive into the stealer’s components
https://research.checkpoint.com/2023/rhadamanthys-v0-5-0-a-deep-dive-into-the-stealers-components/
7 849
Rhadamanthys v0.5.0 – a deep dive into the stealer’s components
https://research.checkpoint.com/2023/rhadamanthys-v0-5-0-a-deep-dive-into-the-stealers-components/
7 849
Repost from white2hack 📚
Advanced Software Exploitation by Ptrace Security, 2019
In the first half of the course, attendees will use fuzzing, reverse engineering, and source code auditing, to attack a wide variety of applications (e.g. iTunes, Firefox, Vulnserver, etc.) and then use proven exploitation techniques to develop an exploit for one of the VMs (Windows 7, Windows 8.1 and Windows 10).
Then, in the second half of the course, the focus will shift from classic vulnerabilities to more advanced ones. In this section, students will learn how to escape Java sandbox using a type confusion vulnerability, how to circumvent the ASLR without pointer leaks, and how to use precise heap spraying, just to name a few.
By the end of this course, students will know how to find software vulnerabilities using fuzzing, reverse engineering, and source code auditing, and then how to write their own exploits in Python, JavaScript, or Java.
GitHub
About the course
Official page
#education #reverse #coding #python
7 849
Anatomy of Offensive Tool Development
credit : Alex Reid
https://redsiege.com/blog/2024/01/graphstrike-developer/
7 849
Donex a new ransomware gang malware technical analysis
https://www.shadowstackre.com/analysis/donex
#malware_analysis
7 849
UNDERSTANDING A PAYLOAD’S LIFE
Featuring Meterpreter & other guests
credit : Daniel López Jiménez
7 849
winsos-poc: A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.
https://github.com/thiagopeixoto/winsos-poc.git
