Security Pepe

@malwarehedgehog

Vrijeme pridruživanja: rujan 2015.
6 fotografija ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @malwarehedgehog

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @malwarehedgehog

  1. proslijedio/la je Tweet
    4. velj

    Red Team Cheat Sheet

    1 reply 191 proslijeđeni tweet 453 korisnika označavaju da im se sviđa
    Poništi
  2. proslijedio/la je Tweet
    4. velj

    Very useful tool if you are studying Drivers. Also really enjoyed the book: Windows Kernel Programming

    54 proslijeđena tweeta 170 korisnika označava da im se sviđa
    Poništi
  3. proslijedio/la je Tweet
    4. velj

    x0rro — A PE/ELF/MachO Crypter for x86 and x86_64 Based on Radare2 Often AVs rely on simple signatures to detect malicious software and I needed a tool in order to confirm this behavior and be able to produce a working bypass. That’s why I wrote x0rro.

    98 proslijeđenih tweetova 234 korisnika označavaju da im se sviđa
    Poništi
  4. proslijedio/la je Tweet
    4. velj

    Introduction to mobile network intrusion from a mobile phone: by , , Henri, , and myself.

    1 reply 52 proslijeđena tweeta 136 korisnika označava da im se sviđa
    Poništi
  5. proslijedio/la je Tweet
    3. velj

    Full writeup and exploit of Windows kernel ws2ifsl use-after-free (CVE-2019-1215) via and

    22 proslijeđena tweeta 66 korisnika označava da im se sviđa
    Poništi
  6. proslijedio/la je Tweet
    4. velj

    Did you enjoy our / string decryption tutorial ... But you wish we had used instead of 🧐 Check out this awesome tutorial from 🙌

    20 proslijeđenih tweetova 52 korisnika označavaju da im se sviđa
    Poništi
  7. proslijedio/la je Tweet
    3. velj

    📢 New video is up on our YouTube channel! Usage of "Waitfor" binary as a method to download and execute malware! Don't forget to subscribe to our channel to receive notifications 🔔 of our new videos🎞️

    6 proslijeđenih tweetova 3 korisnika označavaju da im se sviđa
    Poništi
  8. proslijedio/la je Tweet
    2. velj

    Can your EDR detect symbolic link callback rootkits? Because ours sure as heck can't. and I wrote about these!

    161 proslijeđeni tweet 368 korisnika označava da im se sviđa
    Poništi
  9. proslijedio/la je Tweet
    3. velj

    Really glad to finally get a blogpost out about this. Hopefully this is useful and gives Red Teamers ideas on how to use the BYOI concept in their own payloads. If anyone is interested in a few more follow up posts about this will gladly oblige :)

    174 proslijeđena tweeta 319 korisnika označava da im se sviđa
    Poništi
  10. proslijedio/la je Tweet
    3. velj

    VB6 Packers are no joke, This one took me a while to write and I do hope you enjoy it! Analyzing Modern Malware Techniques - Part 3 Vb6 packers

    42 proslijeđena tweeta 71 korisnik označava da mu se sviđa
    Poništi
  11. proslijedio/la je Tweet
    2. velj

    Finally released part 2 of my »Reversing with « series! In this video we reverse engineer some of the integrated decryption methods and see how we can easily analyze C++ code in Ghidra.

    6 replies 156 proslijeđenih tweetova 517 korisnika označava da im se sviđa
    Poništi
  12. proslijedio/la je Tweet
    2. velj

    [COM hijacking] While I was looking for some methods related to the COM hijacking technique, I found a new method that allows you to hijack COM and execute Scriptlet instructions :) Registry import file:

    63 proslijeđena tweeta 127 korisnika označava da im se sviđa
    Poništi
  13. proslijedio/la je Tweet
    1. velj

    1\ Malware sandboxes are useful but extremely limited. Here's a malware call graph, and in red are the functions the malware actually *executed* when run in a sandbox -- a miniscule fraction of the malware's potential badness!

    10 replies 43 proslijeđena tweeta 109 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  14. proslijedio/la je Tweet
    2. velj

    KDU, Kernel Driver Utility - driver loader (and not only) bypassing Windows x64 Driver Signature Enforcement with support of various "functionality" providers - including Unwinder's RTCore,

    170 proslijeđenih tweetova 321 korisnik označava da mu se sviđa
    Poništi
  15. proslijedio/la je Tweet
    2. velj

    SettingSyncHost.exe as a LolBin cd %TEMP% & c:\windows\system32\SettingSyncHost.exe -LoadAndRunDiagScript foo

    167 proslijeđenih tweetova 364 korisnika označavaju da im se sviđa
    Poništi
  16. proslijedio/la je Tweet
    31. sij

    Hardware Debugging for Reverse Engineers Part 1: SWD, OpenOCD and Xbox One Controllers Hope you enjoy! As always ping me with any questions

    1 reply 59 proslijeđenih tweetova 128 korisnika označava da im se sviđa
    Poništi
  17. proslijedio/la je Tweet
    1. velj

    is a C# utility to steal a user's password using a fake Windows logon screen. This password will then be validated and saved to disk. Useful in combination with 's execute-assembly command.

    10 replies 234 proslijeđena tweeta 506 korisnika označava da im se sviđa
    Poništi
  18. proslijedio/la je Tweet
    31. sij

    "Dark sides of Java remote protocols" by

    21 proslijeđeni tweet 27 korisnika označava da im se sviđa
    Poništi
  19. proslijedio/la je Tweet
    31. sij

    Security of Azure DevOps build agents demystified by

    16 proslijeđenih tweetova 19 korisnika označava da im se sviđa
    Poništi
  20. proslijedio/la je Tweet
    31. sij

    Want to see how the red team weaponizes threat intel for R&D and TTP development? Check out some research I did with and . Also includes some new executables that can be used for DLL abuse.

    127 proslijeđenih tweetova 240 korisnika označava da im se sviđa
    Poništi

@malwarehedgehog još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·