Source Byte
It takes a sober mind to abstain from love, and the temperament I have does not mix with reason. Saadi Shirazi 187
Subscribers: 7 848 (-5 in 24 hours, +43 in 7 days, +172 in 30 days)
Posts Archive
7 850
How APT groups operate in the Middle East
The Middle East is a target for APT groups
How cybercriminals prepared for attacks
Gaining initial access
Persisting in the system
What to study inside
Where to find credentials
How to collect valuable information
Communicating with the C&C server
How to cover the tracks
How to resist APT attacks
About the report
Brief description of APT groups
Heat map of APT tactics and techniques in the Middle East
https://www.ptsecurity.com/ww-en/analytics/apt-groups-in-the-middle-east/
———
@islemolecule_source
In-the-Wild Windows LPE 0-days: Insights & Detection Strategies
This article will evaluate detection methods for Windows local privilege escalation techniques based on dynamic behaviors analysis using Elastic Defend features.
credit : SAMIR BOUSSEADEN
https://www.elastic.co/security-labs/itw-windows-lpe-0days-insights-and-detection-strategies
———
@islemolecule_source
Dev 101: Bypassing ASLR on Windows
“Note: This post is quite theoretical (yuk!) but I’ll work on providing a hands-on demo sometime in the future. Also given the current mitigations in Windows, you’ll need much more than bypassing ASLR”
https://www.abatchy.com/2017/06/exploit-dev-101-bypassing-aslr-on.html
Windows Session Hijacking via CcmExec
https://cloud.google.com/blog/topics/threat-intelligence/windows-session-hijacking-via-ccmexec
Nim: a programming language that malware developers like
Nim's cross-compilation features empower attackers to write a single malware variant, which can then be cross-compiled to target different platforms.
A good candidate for writing software in a wide variety of application domains, ranging from web applications to kernels.
📹 CppCon 2017: James McNellis “Everything You Ever Wanted to Know about DLLs”
👤 CppCon
Massimiliano Tomassoli's papers on exploitation
https://github.com/mtomassoli/papers/tree/master
Urgent security alert for Fedora Linux 40 and Fedora Rawhide users
The xz package tars were backdoored.
https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users
https://twitter.com/badsectorlabs/status/1773759444486177023
Repost from SoheilSec
first set of YARA rules to detect the backdoored XZ packages
report:
https://www.openwall.com/lists/oss-security/2024/03/29/4
rules:
https://github.com/Neo23x0/signature-base/blob/master/yara/bkdr_xz_util_cve_2024_3094.yar
Repost from APT
🖼️ Bypass Medium Paywall
A little lifehack if you, like me, come across paid articles from Medium. These sites allow you to read paid Medium articles for free:
🔗 https://freedium.cfd/<URL>
🔗 https://medium-forall.vercel.app/
#medium #premium #bypass
Structure-Aware Linux Kernel Fuzzing with libFuzzer
I decided to experiment with KCOV and see how I can hook it into libfuzzer and boot the kernel without spending too much on building a root file system.
credit: Meysam
https://r00tkitsmm.github.io/fuzzing/2024/03/27/libffuzzerkernel.html
Low-Level x86-64 Architecture, Linking & Loading, Memory Management, etc...
from SANS sec660.4 (Exploiting Linux for Penetration Testers)
credit: Stephen Sims
https://www.youtube.com/watch?v=I37AJebKh2Y
———
@islemolecule_source
AWE Prep
OffSec EXP-401 Advanced Windows Exploitation (AWE)
credit : talson
Windows Kernel Exploitation
Ghidra Setup & Tips
Browser Exploitation
Hypervisor Exploitation
https://talson.notion.site/AWE-Prep-c820706e05be43cf9fb434625914c171
Go 101
an up-to-date knowledge base for Go programming self learning
https://go101.org/
-= Go (Fundamentals) 101 =-
-= Go Generics 101 =-
-= Go Optimizations 101 =-
-= Go Details & Tips 101 =-
-= Go Quizzes 101 =-
-= Go 101 Apps & Libs =-
-= Go 101 Blog =-
———
@islemolecule_source
