Tweets from @n4r1B (Narib)
Narib retweeted:
we have an update to DTrace on Windows. with the latest 20H1 insider build, no more KD required to use dtrace on windows. plus arm64 MSI. https://techcommunity.microsoft.com/t5/windows-kernel-internals/dtrace-on-windows-20h1-updates/ba-p/1127929 …
Narib retweeted:
My IDA Plugins HeapViewer and deREferencing have been ported to Python3 on GitHub. Both should support python2/3. If you find any error, let me know: https://github.com/danigargu
Narib retweeted:
The 7th part of the tutorial Hypervisor From Scratch is published! In this part, I described EPT. Thanks to Petr @PetrBenes as Hypervisor From Scratch could never have existed without his help and to Alex @aionescu for patiently answering my questions. https://rayanfam.com/topics/hypervisor-from-scratch-part-7/ …
Narib retweeted:
After a lot of work and some crypto-related delays, I couldn't be more proud to publish @aionescu's and my latest research - The complete overview of CET internals on Windows (so far!): http://windows-internals.com/cet-on-windows/
We just updated the executive callback repo with research on the callback used by PatchGuard @0xcpu https://github.com/0xcpu/ExecutiveCallbackObjects/tree/master/542875F90F9B47F497B64BA219CACF69 …
Narib retweeted:
It's not completely finished, but good enough for playing with C++ exceptions in Windows Driver. - FH3 & new FH4 - x86 & x64 - optimized stack usage - no TLS https://github.com/avakar/vcrtl impl. details: x86: https://github.com/avakar/vcrtl/tree/master/src/x86 … x64: https://github.com/avakar/vcrtl/tree/master/src/x64 … credits: @avakar452 https://twitter.com/PetrBenes/status/1175759861713375241 …
Narib retweeted:
Use whatever tool you want, I do use both IDA and Ghidra. But stop being a fucking dick and acting like it's holy war insulting @Ilfak, @IgorSkochinsky, Arnaud and all the other people making a living by coding the tool we all have been using for fucking decades.
Narib retweeted:
@D00RT_RM deobfuscated #Qakbot/#Qbot payloads and extracted its config with Hatching Triage #sandbox. Check his write up here: https://hatching.io/blog/reversing-qakbot …
Myself and @0xcpu have been doing research on Executive Callback Objects. It's still WIP but feel free to contribute or add more info https://github.com/0xcpu/ExecutiveCallbackObjects …
Research on the Windows Defender ELAM https://n4r1b.netlify.com/en/posts/2019/11/understanding-wdboot-windows-defender-elam/ …
Narib retweeted:
Microsoft symbol server is experiencing an outage. No ETA to a fix yet.
Narib retweeted:
I just published an in-depth analysis of how the #Emotet network protocol works. Also I've released a tool which emulates this protocol and is capable of downloading new #modules & #malware from the C&Cs. It's integrated with @hatching_io and @CapeSandbox. https://d00rt.github.io/emotet_network_protocol/ … pic.twitter.com/BTogCwsJqn
Narib retweeted:
next #pestudio to add @MITREattack Tactics to ease #Malware Initial Assessment pic.twitter.com/CoRfdEG4PC
Finally managed to finish translating this quite long post, big overview on how the Bootloader loads the essential Drivers https://n4r1b.netlify.com/en/posts/2019/03/how-does-the-os-loader-loads-the-essential-drivers/ …
Narib retweeted:
And, done! #Diaphora 2.0 with support for Python 3.X and IDA 7.4 has been published: https://github.com/joxeankoret/diaphora …
Little research @0xcpu and I did on the new AltSystemCallHandlers functionality added to Windows 10 20H1 18995. Register a handler that gets executed every time KiSystemCall is called; this has a lot of potential!! https://github.com/0xcpu/WinAltSyscallHandler …
Narib retweeted:
I've written a little IDA Python idc.py <= 7.3 compatibility module that you can use to support old IDA Python plugins in IDA 7.4. It's in Public Domain. Thank me later... https://pastebin.com/5Tt48NJJ
Narib retweeted:
New blog post: New machine learning protection features in Microsoft Defender ATP’s behavioral blocking and containment capabilities recently protected 100 organizations from a highly targeted credential theft attack https://www.microsoft.com/security/blog/2019/10/08/in-hot-pursuit-of-elusive-threats-ai-driven-behavior-based-blocking-stops-attacks-in-their-tracks/ …
Narib retweeted:
If you need a fast/light way to instrument and save each instruction (with general purpose & r/e flags) in all levels of execution (User-mode/Kernel-mode/Hypervisor) then use my new customized version of QEMU. https://github.com/SinaKarvandi/misc/blob/master/custom-qemu-for-instrumentation/readme.md … pic.twitter.com/UnURU8fADY