🎓 Master Malware Analysis & Reverse Engineering with Google's FLARE Learning Hub
FLARE Learning Hub is a free educational platform created by Google's FLARE team, offering high-quality training in reverse engineering and malware analysis. It includes a hands-on Malware Analysis Crash Course, an in-depth Go Reverse Engineering Reference, and a practical introduction to Time Travel Debugging (TTD). Each module comes with labs, sample binaries, scripts, and reference materials, making it an excellent resource for aspiring malware analysts, reverse engineers, DFIR professionals, and CTF players.
🔗 github.com/mandiant/flare…#ReverseEngineering#MalwareAnalysis#DFIR#CyberSecurity#OpenSource
Part 3 of the hypervisor based game cheat series is up.
This is where the series starts moving from hypervisor primitives into actual game cheat mechanics.
This part covers EPT hooks, VM exits, VMI, monitoring loops, overlay and input delivery paths, and the point where a low level memory or execution event starts becoming cheat relevant.
Also started touching the actual game cheat side more directly this time, but this is about technical principles and mechanics, not actual code.
Big thanks and credit to @Intel80x86@HyperDbg for the great HyperDbg work on hardware assisted debugging, EPT hidden hooks, transparent memory hooks, and VM exit based monitoring.
Can't imagine how lost it would've been without HyperDbg. Seriously a lifesaver!
Also grateful to Panicos Karkallis and Jorge Blasco Alís for the VIC research on virtual machine introspection cheats.
For a bit of context, this entire series is originally a single Korean document. Splitting it up due to the length, and it’ll probably be around 8 or 9 parts total.
Translating from the original Korean made the English version feel a bit awkward in earlier parts, so spent some extra time polishing this one. Really hope it’s a much smoother read. 🙏
Please take it as a light read. If anything is wrong or too wordy, feedback is always welcome. 😇
kernullist.github.io/kernullist-blo…
Following on our series: An Introduction to Modern Malware Development for Red Teams, today's episode is all about Portable Executables.
In this blog post, I walk you through what are PEs, what known file types are, in fact, PEs, what is their structure and what are the detection opportunities security products leverage to stop your tooling from executing even before it gets a chance to start.
Up next we will be diving into Process and Threads so we can set the stage for process injection techniques. Stay tune.
You can read the article here: anteiku-energy.github.io/papers/an-intr…
Keep hacking,
Sp1d3rM_*^!
I created two blog posts based on my Fantastic Cleartext Passwords talk, which I presented last year at BSides Munich, and I released the first part (Linux) today.
The second part (Windows) will be released next week.
Even if these techniques are not novel, I still consider them interesting enough to publish and, most importantly, to raise awareness of all the places an attacker could steal your password. Enjoy.
Link to the first part:
dfir.ch/posts/fantasti…
New video: logon sessions explained.
Every process has a token. Every token came from a logon session. But most developers never touch the session directly.
Covers: what logon sessions hold, why tokens exist as a separate layer, LsaEnumerateLogonSessions in C++, and the relevant structures in WinDbg.
trainsec.net/library/window…
labs.infoguard.ch/posts/ghost-se…
"When an organisation uses Exchange Online (or on-premises exchange in hybrid mode) with a third-party mail server or spam filter as its MX record, it is possible to send mail from any sender to that organisation. Outlook delivers it without warning"
9K Followers 7K FollowingWe maintain free software downloads with no ads, no crapware & no b.s.
It's kinda what we're known for.
#opensource #computing #software #freeware
#FOSS
49K Followers 103 Followingأكبر شركة أمن سيبراني في الشرق الأوسط
كل ما يتعلق بالأختراق الأخلاقي & الأمن السيبراني في مكان واحد
Cyber Security & Ethical Hacking
3K Followers 142 Followingcybersecurity enthusiast, author. speaker, mathematician. Love my wife and kids. Author of MD MZ, MalWild and Maldev for Ethical Hackers (2022-2024) books.
91K Followers 955 FollowingProgrammer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)
265K Followers 3K FollowingPentester, Forensic investigator, and former college professor. Trained hackers at each US military and intelligence.
Visit me at https://t.co/G478wug0p4
15K Followers 818 Following// use arch malware, btw
// adversarial provocative treat
// sr cybersecurity leader, megacorp usa
// misery @despairware
// take sincerely at your own risk
264 Followers 325 FollowingIT pro by day, maker & breaker by night.
Powered by an engine of endless discovery!
💻︄︍︆︅︆️︇︇︂︀︆︉︆︆︂︀︇︉︆️︇︅︂︀︆︃︆︁︆︎︂︀︇︂︆︅︆︁︆︄︂︀︇︄︆︈︆︉︇︃︂︁︂︀ //hidden message!
17K Followers 3K Following🛠️ Former Sysadmin, now Pentester | Microsoft MVP | Helping IT teams make their environment harder to attack | @SecurIT360 & @CyberThreatPOV
145K Followers 218 FollowingWe are the Microsoft Security Response Center. To report security vulnerabilities or abuse in Microsoft products, visit https://t.co/kxEbdfMny1.
123 Followers 106 FollowingBorn as True Aussie. I do post mostly politics, with some gaming, etc. I speak my mind, & if I’m wrong, just drop facts & correct me like a true Aussie.
~K-999
6K Followers 8 FollowingReal-time threat and infostealer intelligence for MSSPs, enterprises, and researchers. Detect leaks, monitor takeovers and respond instantly.