This page was designed to be a useful, informational asset for those looking to understand the specific tactics, techniques, and procedures (TTPs) attackers leverage to compromise Active Directory, together with guidance on mitigation, detection, and prevention, and to understand the Active Directory kill chain attack and modern post-exploitation adversary tradecraft activity.
https://github.com/infosecn1nja/AD-Attack-Defense
#redteam #activedirectory #darw1n
GitHub
GitHub - infosecn1nja/AD-Attack-Defense: Attack and defend active directory using modern post exploitation adversary tradecraft…
Attack and defend active directory using modern post exploitation adversary tradecraft activity - infosecn1nja/AD-Attack-Defense
Tickling VMProtect with LLVM https://forum.reverse4you.org/t/tickling-vmprotect-with-llvm/16980 #reverse #vmprotect #llmv #tutorial #darw1n
R0 CREW
Tickling VMProtect with LLVM
This series of posts delves into a collection of experiments I (fvrmatteo) did in the past while playing around with LLVM and VMProtect. I recently decided to dust off the code, organize it a bit better and attempt to share some knowledge in such a way that…
Anubis Android Malware Analysis / Source Code https://forum.reverse4you.org/t/anubis-android-malware-analysis/16982 #reverse #mobile #malware #anroid #anubis #analysis #darw1n
R0 CREW
Anubis Android Malware / Source Code / Leaked
Anubis is one of the most well-known malware families on Android. It is still popular with threat actors today, given its capabilities and the damage it has done to Android users in the past. On the other hand, it offers many malware developers the…
JavaScript Deobfuscator and Unpacker https://forum.reverse4you.org/t/javascript-deobfuscator-and-unpacker/16986 #tools #malware #javascript #unpack #obfuscation #darw1n
R0 CREW
JavaScript Deobfuscator and Unpacker
Online: https://lelinhtinh.github.io/de4js/ Github: GitHub - lelinhtinh/de4js: JavaScript Deobfuscator and Unpacker
GDA, a new Dalvik bytecode decompiler, is implemented in C++
https://forum.reverse4you.org/t/gda-gjoy-dex-analyzer/16985 #reverse #tools #mobile #android #decompiler #apk #dex #dalvik #darw1n
R0 CREW
GDA (GJoy Dex Analyzer)
GDA, a new Dalvik bytecode decompiler, is implemented in C++, which gives it faster analysis, lower memory and disk consumption, and a stronger ability to decompile APK, DEX, ODEX and OAT files (JAR, CLASS and AAR files are supported since 3.79).…
Cross-platform agent and Post-exploitation tool written in Golang and C++
https://forum.reverse4you.org/t/cross-platform-agent-and-post-exploitation-tool-written-in-golang-and-c/17060
#tools #postexploitation #redteam #agent #framework #darw1n
R0 CREW
Cross-platform agent and Post-exploitation tool written in Golang and C++
Free, open-source, cross-platform agent and post-exploitation tool written in Golang and C++. beacon: agent, written in C++. teamserver: server, written in Golang. teamclient: user client, written in C++; the UI uses a Qt GUI. Features Supported C2 Protocols:…
Ropper is a tool to find gadgets and build ROP chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64)
https://forum.reverse4you.org/t/roppeer-is-a-tool-to-find-gadgets-and-build-rop-chains-for-different-architectures-x86-x86-64-arm-arm64-mips-powerpc-sparc64/17064
#tools #expdev #ropchain #rop #python #diablo
R0 CREW
Ropper is a tool to find gadgets and build ROP chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64)
Display information about files in different file formats and find gadgets to build ROP chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly Ropper uses the awesome Capstone Framework. https://github.com/sashs/Ropper
Analyzing a Patch of a Virtual Machine Escape on VMware
https://forum.reverse4you.org/t/analyzing-a-patch-of-a-virtual-machine-escape-on-vmware/17110
#reverse #windows #expdev #patchanalysis #patch #analysis #vmware #darw1n
R0 CREW
Analyzing a Patch of a Virtual Machine Escape on VMware
The drag-and-drop (DnD) function in VMware Workstation and Fusion has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion. On Workstation Pro and Fusion, the issue cannot…
SleepyCrypt: Encrypting a running PE image while it sleeps
https://forum.reverse4you.org/t/sleepycrypt-encrypting-a-running-pe-image-while-it-sleeps/17116
#malware #redteam #tips #encrypt #protection #windows #cobaltstrike #Octopus
R0 CREW
SleepyCrypt: Encrypting a running PE image while it sleeps
Introduction In the course of building a custom C2 framework, I frequently find features from other frameworks I’d like to implement. Cobalt Strike is obviously a major source of inspiration, given its maturity and large feature set. The only downside to…
CVE-2021-40444 Analysis / Exploit
https://forum.reverse4you.org/t/cve-2021-40444-analysis-exploit/17118
#expdev #windows #cve #office #rce #exploit #hottabych
R0 CREW
CVE-2021-40444 Analysis / Exploit
Intro I’m writing the blog post when I have no technical background on this exploit. So I would like to share my experience with it. I saw a lot of people did a proof of concept, so I decided to do something different which is I will get the exploit then…
Richkware a framework for building Windows malware, written in C++
https://forum.reverse4you.org/t/richkware-a-framework-for-building-windows-malware-written-in-c/17103
#tools #redteam #malware #framework #agent #Karina
R0 CREW
Richkware a framework for building Windows malware, written in C++
Description Richkware is a library of network and OS functions that you can use to create malware. The composition of these functions permits the application to assume behaviors referable to the following types of malware: Virus Worms Bot Spyware Keylogger…
IDA Pattern Search is a plugin that adds a capability of finding functions according to bit-patterns into the well-known IDA Pro disassembler based on Ghidra’s function patterns format. Using this plugin, it is possible to define new patterns according to the appropriate CPU architecture and analyze the target binary to find and define new functions in it.
https://forum.reverse4you.org/t/idapatternsearch-adds-a-capability-of-finding-functions-according-to-bit-patterns/17209
#tools #reverse #idapro #plugin #patterns #ghidra
R0 CREW
IDAPatternSearch adds a capability of finding functions according to bit-patterns
$8,000 Bug Bounty Highlight: XSS to RCE in the Opera Browser
https://blogs.opera.com/security/2021/09/8000-bug-bounty-highlight-xss-to-rce-in-the-opera-browser/
#browser #opera #xss #rce #coolstory #darw1n
Opera Security
$8,000 Bug Bounty Highlight: XSS to RCE in the Opera Browser
Continuing from his previous post, Bug Bounty Hunter Renwa writes about the second vulnerability he submitted to Opera's Bug Bounty Programme: a Remote Code Execution in Opera's My Flow Feature. What follows is his write-up and experience.
HashDB is a free community-sourced library of hashing algorithms used in malware, with an IDA plugin!
⚙️API
https://hashdb.openanalysis.net/
🧩IDA Plugin
https://github.com/OALabs/hashdb-ida
👾 Add Custom Algorithms
https://github.com/OALabs/hashdb
#malware #idapro #plugin #hashlib #KosBeg
GitHub
GitHub - OALabs/hashdb-ida: HashDB API hash lookup plugin for IDA Pro
HashDB API hash lookup plugin for IDA Pro. Contribute to OALabs/hashdb-ida development by creating an account on GitHub.
CVE-2021-30632 Chrome V8 RCE Exploit for Windows
https://forum.reverse4you.org/t/cve-2021-30632-chrome-v8-rce-exploit-for-windows/17286
#expdev #windows #browser #chrome #v8 #rce #hottabych
R0 CREW
CVE-2021-30632 Chrome V8 RCE Exploit for Windows
On September 13, 2021, Google released version 93.0.4577.82 of Chrome. The release note specified that two of the security fixed bugs, CVE-2021-30632 and CVE-2021-30633, are being exploited in the wild (both reported by anonymous researchers). CVE-2021-30632…
Phrack 2021, Issue 0x46
* Attacking JavaScript Engines: A case study of JavaScriptCore and CVE-2016-4622
* Cyber Grand Shellphish
* VM escape - QEMU Case Study
* .NET Instrumentation via MSIL bytecode injection
* Twenty years of Escaping the Java Sandbox
* Viewer Discretion Advised: (De)coding an iOS Kernel Vulnerability
* Exploiting Logic Bugs in JavaScript JIT Engines
* Hypervisor Necromancy; Reanimating Kernel Protectors
* Tale of two hypervisor bugs - Escaping from FreeBSD
* The Bear in the Arena
* Exploiting a Format String Bug in Solaris CDE
* Segfault[.]net eulogy
http://phrack.org/issues/70/1.html
#magazine #expdev #net #msil #java #vm #javascript #hypervisor #darw1n
Phrack
Introduction
Objective by the Sea v4.0 materials https://www.youtube.com/playlist?list=PLliknDIoYszvjA1Lix-Uce7ZDxS39J2ZY #video #conference #macos #ios #dukeBarman
YouTube
Objective by the Sea, v4.0
#OBTS v4, September 2021, Maui, HI. Objective by the Sea (#OBTS) is the world's only Apple-centric security conference, which brings together the world's top Ap…
Android security checklist: WebView
https://blog.oversecured.com/Android-security-checklist-webview/
#mobile #android #webview #checklist #security #darw1n
News, Techniques & Guides
Android security checklist: WebView
WebView is a web browser that can be built into an app, and represents the most widely used component of the Android ecosystem; it is also subject to the largest number of potential errors.