Переводы статей для xss.pro

Отслеживать

PE Import Table hijacking as a way of achieving persistence - or exploiting DLL side loading

Preface In this post I describe a simple trick I came up with recently - something which is definitely nothing new, but as I found it useful and haven't seen it elsewhere, I decided to write it up. What we want to achieve So - let's consider backdooring a Windows
hackingiscool.pl

malware-analysis-writeups/bashar-bachir-analysis.pdf at master · itsKindred/malware-analysis-writeups

A repository of my completed writeups, along with the samples themselves. - malware-analysis-writeups/bashar-bachir-analysis.pdf at master · itsKindred/malware-analysis-writeups
github.com

hipotermia - Account takeover via HTTP Request Smuggling

A bug chain of HTTP Request Smuggling that led to account takeover
hipotermia.pw

SSH Pentesting Guide

In this guide, I will: Quickly introduce the SSH protocol and implementations.Expose some common configuration mistakes then showcase some attacks on the protocol & implementations.Present some SSH pentesting & blue team tools.Give a standard reference for
community.turgensec.com

Brief Analysis of the FDLP.gov Deface

Let me start off by saying that I know this deface is a surprise to absolutely nobody. It doesn’t necessarily warrant the attention I gave…
medium.com

Kitploit – Maintenance in Progress

Kitploit is temporarily under maintenance. We’ll be back shortly with improvements.
www.kitploit.com

PAN

Siguza’s Blog
siguza.github.io
 

CVE-2019-1215 Analysis of a Use After Free in ws2ifsl | Bluefrostsecurity

labs.bluefrostsecurity.de

Persistence – AppInit DLLs

Windows operating systems provide the functionality to allow custom DLL’s to be loaded into the address space of almost all application processes. This can give the opportunity for persistenc…
pentestlab.blog

Tik or Tok? Is TikTok secure enough? - Check Point Research

Researchers: Alon Boxiner, Eran Vaknin, Alexey Volodin, Dikla Barda, Roman Zaikin December 2019 Available in over 150 markets, used in 75 languages globally, and with over 1 billion users, TikTok has definitely cracked the code to the term “popularity” across the globe. As of October 2019...
research.checkpoint.com

The Bug That Exposed Your PayPal Password

And Credit Card Number Too
medium.com
 
Последнее редактирование:
интересная серия

Malware Engineering Part 0x1âââThat magical ELF

Since my childhood or since the day I got to hear about the term computer virus, I was curious to know what it exactly is and what does it…
medium.com

Malware Engineering Part 0x2â Finding shelter for parasite

A virus is a small infectious agent that replicates only inside the living cells of an organism ×_×
medium.com

Malware Engineering Part 0x3Â : Crafting a peaceful parasite

The art of writing code that makes sense to CPU asks for a formal education in various deciplines of computer science.
medium.com
 
Ребята, не проходим мимо и поддерживаем инициативу. Столько интересных материалов для перевода и как-то вяло идет процесс.

Reverse engineering and modifying an Android game (.apk)âââCTF

Recently I solved a CTF style challenge where the user was given an .apk file with the goal to find the flag. It turned out that it was aâ¦
medium.com

Windows Debugging & Exploiting (части 1, 2, 3)

Windows Debugging & Exploiting Part 1 - Environment Setup

In this blog series, I will try to set some base knowledge for Windows system debugging and exploitation and present how to setup an environment for remote kernel debugging.
www.trustwave.com

Windows Debugging & Exploiting Part 2 - WinDBG 101

Hello again! After our previous post about the environment setup, now it is time to cover the main tool of this project, the WinDBG.
www.trustwave.com

Windows Debugging & Exploiting Part 3: WinDBG Time Travel Debugging

Time to start 2020? No better time for writing about the TTD (Time Travel Debugging) feature from WinDBG.
www.trustwave.com


Stealing NTLMv2 hash by abusing SQL injection in File download functionality

Learn Basic Concepts of Linux. Best site to learn Linux from beginner to Advanced.
www.mannulinux.org
 
Последнее редактирование:
Последнее редактирование:
admin сказал(а):
Ребята, не проходим мимо и поддерживаем инициативу. Столько интересных материалов для перевода и как-то вяло идет процесс.

Reverse engineering and modifying an Android game (.apk)âââCTF

Recently I solved a CTF style challenge where the user was given an .apk file with the goal to find the flag. It turned out that it was aâ¦
medium.com
Взял в работу)
 
Пожалуйста, обратите внимание, что пользователь заблокирован
Последнее редактирование:
Пожалуйста, обратите внимание, что пользователь заблокирован

Malware development part 1 - basics

Introduction This is the first post of a series which regards development of malicious software. In this series we will explore and try to implement multiple techniques used by malicious applications to execute code, hide from defenses and persist. Let’s create a C++ application that will run...
0xpat.github.io

Malware development part 2 - anti dynamic analysis & sandboxes

Introduction This is the second post of a series which regards development of malicious software. In this series we will explore and try to implement multiple techniques used by malicious applications to execute code, hide from defenses and persist. Previously, we’ve created basic Metasploit...
0xpat.github.io

Malware development part 3 - anti-debugging

Introduction This is the third post of a series which regards development of malicious software. In this series we will explore and try to implement multiple techniques used by malicious applications to execute code, hide from defenses and persist. In the previous part of the series we discussed...
0xpat.github.io


lukinobambino сказал(а):
В какой раздел. Я просто новичок тут.
https://xss.pro/forums/53/
 
admin


Напишите ответ...
  • Вставить:
Прикрепить файлы
Верх