Source Byte
"The sober one must be he who abstains from love; this nature that I have does not blend with reason." (Saadi Shirazi)
Posts Archive
A set of programs for analyzing common vulnerabilities in COM
PS A:\mzhmo> .\PermissionHunter.exe -h ,
-. \ .-'
,-"````""-\__ | /
'-.._ _.-' '-o,
_>--:{{< ) |)
.-'' '-.__.-o
'-._..-/ | \
,-' / -.
`
PermissionHunter - hunt for incorrect LaunchPermission and ActivatePermission
CICADA8 Research Team
From Michael Zhmaylo (MzHmO)
PermissionHunter.exe
Small tool that allows you to find vulnerable COM objects with incorrect LaunchPermission and ActivatePermission
[OPTIONS]
-outfile : output filename
-outformat : output format. Accepted 'csv' and 'xlsx'
-h/--help : shows this windows
CICADA8-Research
#windows #com
Repost from Infosec Fortress
Windows 10 Segment Heap Internals
#binary
#windows
#internals
@Infosec_Fortress
RedTeam Workshop - Part 2
+ Description of the simulation scenario
+ Overview on TTP Explanation
+ why we chose Cobalt Strike CS
+ Simulation of IA Tactics
Initial Access
+ T1189 | Drive by compromise
+ T1566.001 | Spear-Phishing Attachment
Defense Evasion
+ T1027.006 | HTML smuggling
https://www.youtube.com/watch?v=mRl7o7Uq-IE
slides / notes : https://github.com/soheilsec/RT-workshop-2024
credit : @soheilsec
language : persian
The (Anti-)EDR Compendium
EDR functionality and bypasses in 2024, with focus on undetected shellcode loader.
https://blog.deeb.ch/posts/how-edr-works/
Analysis of a Caddy Wiper Sample Targeting Ukraine
Credit: Ali Mosajjal
FindFirstFileA FindNextFileA CreateFileA GetFileSize LocalAlloc SetFilePointer WriteFile LocalFree CloseHandle FindClose
https://blog.n0p.me/2022/03/2022-03-26-caddywiper/
RedTeam Workshop - Part 1
+ What is RedTeam
+ What is APT Group
+ Types of Hackers
+ Why RedTeam Matters
+ The Cost of Data Leakage and Data Breach
+ What is MitreAttack
https://www.youtube.com/watch?v=8drwwezrrYU
slides / notes : https://github.com/soheilsec/RT-workshop-2024
credit : @soheilsec
language : persian
Repost from Pwn3rzs
Cobalt Strike 4.9
Download:
https://ponies.cloud/c2/CobaltStrike%204.9%20Cracked%20uCare@Pwn3rzs.7z
Password: 20231004_2218
Full Black client: https://ponies.cloud/c2/CobaltStrike%204.9%20Client%20Only%20Full%20Theme%20uCare@Pwn3rzs.7z
Password: 20231005_2033
Enjoy!
NOTE:
Our releases of Cobalt Strike will always be packed and obfuscated.
Unlike the crack previously shared by the Chinese website, to which we are not linked.
Rust for Malware Development
This repository contains source codes of various techniques used by real-world malware authors, red teamers, threat actors, state-sponsored hacking groups etc. These techniques are well-researched and implemented in Rust.
Repository managed by @5mukx
Windows-internals Live Training
credit : Pavel Yosifovich
[ + ] videos
[ + ] slides
[ + ] Labs
Win32 Reverse TCP Shellcode
Wanna learn how to write shellcode for your specific purpose in Windows? This is what you need!
Credit: Xenofon Vassilakopoulos
Pt1: https://xen0vas.github.io/Win32-Reverse-Shell-Shellcode-part-1-Locating-the-kernelbase-address/
Pt2: https://xen0vas.github.io/Win32-Reverse-Shell-Shellcode-part-2-Locate-the-Export-Directory-Table/
Pt3: https://xen0vas.github.io/Win32-Reverse-Shell-Shellcode-part-3-Constructing-the-reverse-shell-connection/
Code: https://github.com/xen0vas/Win32-Reverse-TCP-Shellcode.git
#shellcode #asm #winasm
Repost from r0 Crew (Channel)
Native function and Assembly Code Invocation
https://research.checkpoint.com/2022/native-function-and-assembly-code-invocation/
#reverse #idapro
How to detect data exfiltration:
https://blog.apnic.net/2022/03/31/how-to-detect-and-prevent-common-data-exfiltration-attacks/
