Source Byte

📍Malware that TeamTNT found and removed. [ GitHub ] 📍Awesome red team toolkits https://github.com/HildeTeamTNT/Awesome-Red-Teaming.git

Maldev academy [+] Maldev guide [+] Maldev modules with update modules [+] Maldev update 9 [+] Pdf [+] Vm #malware_dev

RIFT: Analysing a Lazarus Shellcode Execution Method NCC Group Research

This post covers a shellcode execution technique that leverages the UuidFromStringA and EnumSystemLocalA APIs to load and execute shellcode

Shellcode Execution via EnumSystemLocalA [ Ref ]

Repository created to share information about tactics, techniques and procedures used by threat actors. Initially with ransomware groups and evolving to other types of threats. https://github.com/crocodyli/ThreatActors-TTPs.git

Repository created to share information about tactics, techniques and procedures used by threat actors. Initially with ransomware groups and evolving to other types of threats. https://github.com/crocodyli/ThreatActors-TTPs.git

System Programming Roadmap

System Programming Languages Computer Architecture Assembly Compilers Exploitation Browser Hacking Malware OS Fundamentals VM internals

https://github.com/ujjwal-kr/system-programming-roadmap

#exploit 1. Windows 11 24H2 NT Exploit https://github.com/exploits-forsale/24h2-nt-exploit 2. CVE-2024-29417: Unauth privilege escalation in Horacius https://blog.pridesec.com.br/en/horacius-unauthenticated-privilege-escalation

Windows kernel driver static reverse using IDA and GHIDRA

Trace processing pipeline https://github.com/SeanHeelan/otel-profiling-agent/blob/main/README.md#trace-processing-pipeline

Top SOCMINT tools to investigate and to deanonymize GitHub accounts: - GitFive from mxrch - Octosuite from rly0heart (Bellingcat) - Gitcolombo from soxoj - Zen from s0md3v - Map of GitHub from anvaka - Dorks and secret search for cybersec 👉 Read more: https://sowel.soxoj.com/check-commits #github #community

this one become trend ...

A Deep Dive into V8 Sandbox Escape Technique Used in In-The-Wild Exploit We were analyzing an in-the-wild V8 vulnerability, CVE-2023–2033. Once we exploited the bug, it was not difficult to get typical exploit primitives such as addrof, read and write in V8 heap. The problem is that we need to escape the V8 sandbox in order to get code execution. https://blog.theori.io/a-deep-dive-into-v8-sandbox-escape-technique-used-in-in-the-wild-exploit-d5dcf30681d4 # CVE-2023–2033 , #cve_analysis

I have no problem. my point is not to make money out of the website. If its earned enough to keep servers running that be enough for me. if something leaks out then its for everyone use it and i will not be sad for a single second. Enjoy the material

The Nightmare of EDR: Storm-0978 Utilizing New Kernel Injection Technique "Step Bear" https://ti.qianxin.com/blog/articles/The-Nightmare-of-EDR-Storm-0978-Utilizing-New-Kernel-Injection-Technique-Step-Bear-EN/