Categories: Technologies
Language: English
Subscribers: 3.00K
Description from channel
The latest NEWS about malwares, DFIR, hacking, security issues, thoughts and ...
Partner channel: @cveNotify
Contact: @SirMalware
The latest Messages 11
2022-02-14 20:47:01
dronesploit : Drone pentesting framework console : https://github.com/dhondta/dronesploit credits @alex_dhondt
binitamshah @malwr
191 views, 17:47
2022-02-14 19:53:05
BigQuery SQL Injection Cheat Sheet
https://ozguralp.medium.com/bigquery-sql-injection-cheat-sheet-65ad70e11eac
tbbhunter @malwr
175 views, 16:53
2022-02-14 19:50:47
My write up for CVE-2021-43893, a vulnerability that allowed a remote attacker to upload files to a Domain Controller, just got posted
https://www.rapid7.com/blog/post/2022/02/14/dropping-files-on-a-domain-controller-using-cve-2021-43893/
Junior_Baines @malwr
149 views, 16:50
2022-02-14 19:46:59
frida typescript trick : if you want to hook functions with reserved names such as toString(), encode the string and get function with [""]
Instead of jsonObj.toString.implementation
use jsonObj[b64decode("dG9TdHJpbmc=")]
:D
0xabc0 @malwr
161 views, 16:46
2022-02-11 12:41:24
Today we published a new report on the new ModifiedElephant APT, and the years of attacks against groups and individuals in India.
Blog: https://www.sentinelone.com/labs/modifiedelephant-apt-and-a-decade-of-fabricating-evidence/
Full Report: https://assets.sentinelone.com/sentinellabs-apt/modified-elephant-apt
TomHegel @malwr
73 views, edited 09:41
2022-02-11 12:34:32
How can we run arbitrary code without allocating/overwriting executable memory? We "borrow" (abuse) instructions from ntdll.dll!
https://www.x86matthew.com/view_post?id=windows_no_exec
x86matthew @malwr
88 views, 09:34
2022-02-11 11:22:32
Microsoft blocks VBA macros originating from Internet based on MOTW flag.
I'm now sharing a tool presenting risk for MOTW bypasses, which will play a crucial role in evading MS default setting and smuggle macros back in.
Threat Actors already do that.
https://github.com/mgeeky/PackMyPayload
mariuszbit @malwr
99 views, 08:22
2022-02-11 09:12:34
Just released a new, fast-paced, interactive binary patching plugin for IDA Pro. Check out a small blurb about it on the @HexRaysSA blog: https://hex-rays.com/blog/introducing-the-patching-plugin/
Code: https://github.com/gaasedelen/patching
ret2systems @malwr
153 views, 06:12
2022-02-09 22:04:31
Guess I will get to see how my theory on this will play out in real life now
https://techcommunity.microsoft.com/t5/microsoft-365-blog/helping-users-stay-safe-blocking-internet-macros-by-default-in/ba-p/3071805
HackingLZ @malwr
156 views, 19:04
2022-02-07 20:17:44
Another new post to start the week! This time around I take a look at an RTF document that exploits MS Office Equation Editor to deploy AgentTesla:
#malware #agenttesla
https://forensicitguy.github.io/agenttesla-rtf-dotnet-tradecraft/
ForensicITGuy @malwr
135 views, 17:17