A beginner-friendly tutorial on analyzing .NET malware teaches you how to use common tools, recognize techniques and understand infection chains. The post A Mega Malware Analysis Tutorial Featuring Donut-Generated Shellcode appeared first on Unit 42.| Unit 42
Kaspersky experts have discovered a new SteelFox Trojan that mimics popular software like Foxit PDF Editor and JetBrains to spread a stealer-and-miner bundle.| securelist.com
What is a Callback Function? In simple terms, it’s a function that is called through a function pointer. When we pass a function pointer as the parameter where a callback function is required, and that pointer is then used to call the function it points to, it’s said that a callback is made. This […]| 🔐Blog of Osanda
22nd June, 2015 Content Introduction Generate shellcode Analysis Conclusion Execute re-engineered shellcode 1. Introduction In previous chapters we’ve looked into the meterpreter reverse tcp shell & the adduser shellcodes. Today I am going to dig into the linux/x86/shell/bind_nonx_tcp shellcode to find the difference between the normal and the noNX payloads. 2. Generate shellcode I am […]| Re4son
27th June, 2015 Content Introduction Generate shellcode Compile POC and retrieve shellcode source Disassemble and analyze shellcode 1. Introduction After looking into the meterpreter reverse shell in the last post I am going to analyze the linux/x86/adduser payload today. 2. Generate shellcode A few things to be aware of when dissecting msf payloads: the shellcodes […]| Re4son
24th June, 2015| whitedome.com.au
A small proof of concept Windows shellcode injector using syscalls.| www.solomonsklash.io
Introduction Data Execution Prevention, or DEP for short, is a set of hardware and software technologies that perform addit…| Ghost in the Lab
In previous articles (1, 2) we managed, relatively easily, to redirect the execution flow of the program we attacked, and as a result successfully executed our own malicious code …| Ghost in the Lab
PMSoftware Simple Web Server 2.2-rc2: The easy and small way to open an HTTP Web Server. Now HTTP/1.1 compliant, RTSP/1.0, PAWN and LUA plugins A Simple Web Server (for example can be used t…| Ghost in the Lab
The following vulnerable application (server.exe) was part of the Appsec Research 2012 University Challenge. Goal: To open a command shell on the server with privileges of the vulnerable echo serve…| Ghost in the Lab
Breakdown of a recent Gozi trojan Italian targeted campaign| Toxin Labs
While perusing Full Disclosure recently, I came across Jon Butler’s Proof of Concept (PoC) exploit for Easy FTP Server 1.7.0.2, an obscure FTP server. I’m no expert on exploit developme…| my 20%
Shining a Light on the Hidden Tactics and Techniques Employed by DarkGate| Toxin Labs