Source Byte

Name: Portable Format Specification (ELF32) Requirements: Compiling Steps, C Programming Level: Intermediate Author: Tools Interface Standards (TIS) Chapters: 1- Object Files 1- Introduction 2- ELF Header 3- Sections 4- String Table 5- Symbol Table 6- Relocation 2- Program Loading and Dynamic Linking 1- Introduction 2- Program Header 3- Program Loading 4- Dynamic Linking 3- C Library 1- C Library #elf #reverse_engineering #binary #paper #resource

Name: Shellcoder's Handbook Requirements: C, C++, Assembly Level: Basics to Intermediate Authors: Chris Anley, John Heasman, Felix "FX" Lindner, Gerardo Richarte Chapters: 1- Before You Begin 2- Stack Overflows 3- Shellcode 4- Introduction to Format String Bugs 5- Introduction to Heap Overflows 6- The Wild World of Windows 7- Windows Shellcode 8- Windows Overflows 9- Overcoming Filters 10- Introduction to Solaris Exploitation 11- Advanced Solaris Exploitation 12- OS X Shellcode 13- Cisco IOS Exploitation 14- Protection Mechanisms 15- Establishing a Working Environment 16- Fault Injection 17- The Art of Fuzzing 18- Source Code Auditing 19- Instrumented Investigation: A Manual Approach 20- Tracing for Vulnerabilities 21- Binary Auditing 22- Alternative Payload Strategies 23- Writing Exploits that Work in the Wild 24- Attacking Database Software 25- Unix Kernel Overflows 26- Exploiting Unix Kernel Vulnerabilities 27- Hacking the Windows Kernel #binary #exploitation #book #resource

Name: Shellcoder's Handbook Requirements: C, C++, Assembly Level: Basics to Intermediate Authors: Chris Anley, John Heasman, Felix "FX" Lindner, Gerardo Richarte Chapters: 1- Before You Begin 2- Stack Overflows 3- Shellcode 4- Introduction to Format String Bugs 5- Introduction to Heap Overflows 6- The Wild World of Windows 7- Windows Shellcode 8- Windows Overflows 9- Overcoming Filters 10- Introduction to Solaris Exploitation 11- Advanced Solaris Exploitation 12- OS X Shellcode 13- Cisco IOS Exploitation 14- Protection Mechanisms 15- Establishing a Working Environment 16- Fault Injection 17- The Art of Fuzzing 18- Source Code Auditing 19- Instrumented Investigation: A Manual Approach 20- Tracing for Vulnerabilities 21- Binary Auditing 22- Alternative Payload Strategies 23- Writing Exploits that Work in the Wild 24- Attacking Database Software 25- Unix Kernel Overflows 26- Exploiting Unix Kernel Vulnerabilities 27- Hacking the Windows Kernel #binary #exploitation #book #resource

Windows CLFS and five exploits used by ransomware operators https://securelist.com/windows-clfs-exploits-ransomware/111560/ #windows_internls , #CLFS

Cobalt Strike Aggressor Callbacks https://rastamouse.me/cobalt-strike-aggressor-callbacks/ #Cobalt_Strike ,

SMTP Smuggling - Spoofing E-Mails Worldwide https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/ #smtp , #spoofing , smuggling

Understanding and Abusing Process Tokens https://securitytimes.medium.com/understanding-and-abusing-process-tokens-part-i-ee51671f2cfa #malware_dev #windows

AtlasLdr Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls Features:

* Retrieve of DLL and PE from a remote server * Manual Mapping on a remote process * Position independent code * Use of indirect Syscalls - ZwAllocateVirtualMemory - ZwProtectVirtualMemory - ZwQuerySystemInformation - ZwFreeVirtualMemory - ZwCreateThreadEx * Single stub for all Syscalls - Dynamic SSN retrieve - Dynamic Syscall address resolution * Atlas also uses - LdrLoadDll - NtWriteVirtualMemory * Custom implementations of - GetProcAddress - GetModuleHandle * API hashing * Cleanup on error * Variable EntryPoint

A technique of hiding malicious shellcode via Shannon encoding https://github.com/kleiton0x00/Shelltropy #malware_dev

⚠️ MALWARE DEVELOPMENT https://github.com/cr-0w/maldev #malware_dev

⚠️ MALWARE DEVELOPMENT https://github.com/cr-0w/maldev #malware_dev

(In)direct Syscalls: A journey from high to low RedOps | Red Team Village | DEF CON 31 https://github.com/VirtualAlllocEx/DEFCON-31-Syscalls-Workshop #malware_dev #defcon

(In)direct Syscalls: A journey from high to low RedOps | Red Team Village | DEF CON 31 https://github.com/VirtualAlllocEx/DEFCON-31-Syscalls-Workshop #malware_dev #defcon

fork() bombing windows https://mostwanted002.page/post/fork-bomb-windows/

Malware analysis in Russian (If you have En version of this pls share) https://m.vk.com/wall-203365865_416 #malware_analysis

Malware 101: Develop and Analyze our own malware https://fareedfauzi.github.io/2021/09/20/Malware-dev-analysis.html #malware_dev #malware_analysis

We write our own malware. Part 1: Learning to write a completely “undetectable” keylogger https://habr.com/en/companies/varonis/articles/302458/ #malware_dev