Source Byte
It takes a sober person to abstain from love, and this nature of mine does not mix with reason. Saadi Shirazi 187
Subscribers: 7 849 (-5 in 24 hours, +43 in 7 days, +172 in 30 days)
Post archive
Repost from w0rk3r's Windows Hacking Library
The Windows Registry Adventure #1: Introduction and research results
https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-1.html
@WindowsHackingLibrary
Repost from vx-underground
13-year-old Marco Liberale has created a proof-of-concept PasteBin C2 botnet in Go. It is fully cross-platform, working on Windows, Linux, and Mac.
We are very happy to see such a young person contributing to this research space.
Check it out here: https://github.com/marco-liberale/PasteBomb
Repost from کانال بایت امن
#Source
D/Invoke Process Hollowing
Implementation of process hollowing shellcode injection using DInvoke.
By using Dynamic Invocation, i.e. D/Invoke, instead of P/Invoke, you can use unmanaged code dynamically.
This article fully covers why D/Invoke was needed and how it differs from P/Invoke.
In this repo you can examine a code injection scenario that uses the Process Hollowing technique.
Repost from APT
⚙️ MultiDump
This is a post-exploitation tool written in C for dumping and extracting LSASS memory discreetly. MultiDump supports LSASS dump via ProcDump.exe or Comsvc.dll, and it offers two modes: a local mode that encrypts and stores the dump file locally, and a remote mode that sends the dump to a handler for decryption and analysis.
🔗 https://github.com/Xre0uS/MultiDump
#lsass #remote #cpp #python
Repost from Ralf Hacker Channel
An analogue of GetProcAddress, but written in assembly. Good...
https://github.com/WKL-Sec/FuncAddressPro
#redteam #maldev #evasion
Repost from 1N73LL1G3NC3
SymProcAddress
Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)
https://github.com/MzHmO/SymProcAddress
Repost from Offensive Xwitter
😈 [ Evan McBroom @mcbroom_evan ]
I just published a blog and tool for the LSA Whisperer work that was presented at the SpecterOps Conference (SOCON) back in March.
If you are interested in getting credentials from LSASS without accessing its memory, check it out!
Blog:
🔗 https://medium.com/specter-ops-posts/lsa-whisperer-20874277ea3b
Tool:
🔗 https://github.com/Meowmycks/LetMeowIn
Crossposted on GH:
🔗 https://gist.github.com/EvanMcBroom/dceb1c7070ee3278eaedd04b42aed279
Windows-based credential dumper using C++ and MASM x64.
https://github.com/Meowmycks/LetMeowIn
Hack.lu 2023: Malware AV evasion tricks by cocomelonc
https://youtu.be/0Xa4E4ZpX2E?si=xbfueQY-gmEYS6lx
https://t.me/islemolecule_source/923
Vulnerability Management Goes Much Deeper Than Patching
What Is Vulnerability Management?
Vulnerability Management For Compliance
Elements of Vulnerability Management
Improving Vulnerability Management With Zero Trust
Vulnerability Management Is a Journey, Not a Destination
https://www.kolide.com/blog/vulnerability-management-goes-much-deeper-than-patching
Name: Serious Cryptography
Requirements: Nothing
Level: Basics and Basis
Author: Jean-Philippe Aumasson
Chapters:
1 - Encryption
2 - Randomness
3 - Cryptographic Security
4 - Block Ciphers
5 - Stream Ciphers
6 - Hash Functions
7 - Keyed Hashing
8 - Authenticated Encryption
9 - Hard Problems
10 - RSA
11 - Diffie-Hellman
12 - Elliptic Curves
13 - TLS
14 - Quantum and Post-Quantum
#cryptography #book #resource
Little AV/EDR bypassing lab for training & learning purposes
https://github.com/Xacone/BestEdrOfTheMarket