Windows Kernel Explorer (you can simply call it as "WKE") is a free but powerful kernel research tool. It supports from Windows XP to Windows 10 (32-bit and 64-bit). Compared with WIN64AST and PCHunter, WKE can run on the latest Windows 10 without updating binary files.
https://github.com/AxtMueller/Windows-Kernel-Explorer
#tools #kernel #windows #antirootkit #darw1n
https://github.com/AxtMueller/Windows-Kernel-Explorer
#tools #kernel #windows #antirootkit #darw1n
GitHub
GitHub - AxtMueller/Windows-Kernel-Explorer: A free but powerful Windows kernel research tool.
A free but powerful Windows kernel research tool. Contribute to AxtMueller/Windows-Kernel-Explorer development by creating an account on GitHub.
Ghidra Processor Module to disassemble and decompile the x86 Intel Atom microcode https://github.com/pietroborrello/ghidra-atom-microcode #reverse #ghidra #dukeBarman
GitHub
GitHub - pietroborrello/ghidra-atom-microcode: Ghidra Processor Module to disassemble and decompile the x86 Intel Atom microcode
Ghidra Processor Module to disassemble and decompile the x86 Intel Atom microcode - pietroborrello/ghidra-atom-microcode
@VolgaCTF 2021 is an international inter-university cybersecurity competition with a local conference taking place in Samara, Russia on September 13-17.
Schedule of Presentations:
https://volgactf.ru/en/volgactf-2021/final/
Registration Form (free for everyone):
https://forms.yandex.ru/u/612dc0bd893f1f629d79d1e4/
#VolgaCTF #Conference #CTF
Schedule of Presentations:
https://volgactf.ru/en/volgactf-2021/final/
Registration Form (free for everyone):
https://forms.yandex.ru/u/612dc0bd893f1f629d79d1e4/
#VolgaCTF #Conference #CTF
iOS Wi-Fi Demon: From iOS Format String to Zero-Click RCE
https://ictexpertsluxembourg.lu/technical-corner/ios-wi-fi-demon-from-ios-format-string-to-zero-click-rce/
#reverse #expdev #mobile #ios #rce #formatstring #darw1n
https://ictexpertsluxembourg.lu/technical-corner/ios-wi-fi-demon-from-ios-format-string-to-zero-click-rce/
#reverse #expdev #mobile #ios #rce #formatstring #darw1n
DEEP
DEEP – Votre partenaire pour une transformation digitale réussie
Avec son expertise en Cloud, Cybersécurité, Data et Télécom, DEEP aide les organisations à innover de manière responsable et à créer de la valeur à l’ère numérique.
Powerful automated tool for reverse engineering Unity IL2CPP binaries
https://github.com/djkaty/Il2CppInspector
#reverse #unity #tools #il2cpp #ida #ghidra #x64dbg #ilspy #dnspy #inject #hook #obfuscation #darw1n
https://github.com/djkaty/Il2CppInspector
#reverse #unity #tools #il2cpp #ida #ghidra #x64dbg #ilspy #dnspy #inject #hook #obfuscation #darw1n
GitHub
GitHub - djkaty/Il2CppInspector: Powerful automated tool for reverse engineering Unity IL2CPP binaries
Powerful automated tool for reverse engineering Unity IL2CPP binaries - djkaty/Il2CppInspector
iOS Tweak Development
Part1: https://cwcaude.github.io/project/tutorial/2020/07/02/iOS-tweak-dev-1.html
Part2: https://cwcaude.github.io/project/tutorial/2020/07/04/iOS-tweak-dev-2.html
Part3: https://cwcaude.github.io/project/tutorial/2020/07/12/iOS-tweak-dev-3.html
Part4: https://cwcaude.github.io/project/tutorial/2020/07/16/iOS-tweak-dev-4.html
#dev #mobile #ios #tweak #darw1n
Part1: https://cwcaude.github.io/project/tutorial/2020/07/02/iOS-tweak-dev-1.html
Part2: https://cwcaude.github.io/project/tutorial/2020/07/04/iOS-tweak-dev-2.html
Part3: https://cwcaude.github.io/project/tutorial/2020/07/12/iOS-tweak-dev-3.html
Part4: https://cwcaude.github.io/project/tutorial/2020/07/16/iOS-tweak-dev-4.html
#dev #mobile #ios #tweak #darw1n
Android ADB plugin for Total Commander:
Original: https://4pda.to/forum/index.php?showtopic=374826
Mirror: https://totalcmd.net/plugring/android_adb.html
#tools #mobile #android #adb #darw1n
Original: https://4pda.to/forum/index.php?showtopic=374826
Mirror: https://totalcmd.net/plugring/android_adb.html
#tools #mobile #android #adb #darw1n
4pda.to
Android ADB - 4PDA
Android ADB, плагин для Total Commander
Command-line tool that allows searching and downloading app packages (known as ipa files) from the iOS App Store
https://github.com/majd/ipatool
#tweak #tool #mobile #ios #ipa #darw1n
https://github.com/majd/ipatool
#tweak #tool #mobile #ios #ipa #darw1n
GitHub
GitHub - majd/ipatool: Command-line tool that allows searching and downloading app packages (known as ipa files) from the iOS App…
Command-line tool that allows searching and downloading app packages (known as ipa files) from the iOS App Store - majd/ipatool
Nim implementation of Process Hollowing using syscalls (for educational purposes)
https://github.com/snovvcrash/NimHollow
#malware #redteam #processhollowing #inject #darw1n
https://github.com/snovvcrash/NimHollow
#malware #redteam #processhollowing #inject #darw1n
GitHub finds 7 code execution vulnerabilities in 'tar' and npm CLI
https://github.blog/2021-09-08-github-security-update-vulnerabilities-tar-npmcli-arborist/
#expdev #tar #cli #darw1n
https://github.blog/2021-09-08-github-security-update-vulnerabilities-tar-npmcli-arborist/
#expdev #tar #cli #darw1n
The GitHub Blog
GitHub security update: Vulnerabilities in tar and @npmcli/arborist
Between July 21 and August 13 we received reports through one of our private security bug bounty programs from researchers regarding vulnerabilities in tar and @npmcli/arborist.
👍1
This page was designed to be a useful, informational asset for those looking to understand the specific tactics, techniques, and procedures (TTPs) attackers are leveraging to compromise active directory and guidance to mitigation, detection, and prevention. And understand Active Directory Kill Chain Attack and Modern Post Exploitation Adversary Tradecraft Activity.
https://github.com/infosecn1nja/AD-Attack-Defense
#redteam #activedirectory #darw1n
https://github.com/infosecn1nja/AD-Attack-Defense
#redteam #activedirectory #darw1n
GitHub
GitHub - infosecn1nja/AD-Attack-Defense: Attack and defend active directory using modern post exploitation adversary tradecraft…
Attack and defend active directory using modern post exploitation adversary tradecraft activity - infosecn1nja/AD-Attack-Defense
👍1
Tickling VMProtect with LLVM https://forum.reverse4you.org/t/tickling-vmprotect-with-llvm/16980 #reverse #vmprotect #llmv #tutorial #darw1n
R0 CREW
Tickling VMProtect with LLVM
This series of posts delves into a collection of experiments I (fvrmatteo) did in the past while playing around with LLVM and VMProtect. I recently decided to dust off the code, organize it a bit better and attempt to share some knowledge in such a way that…
Anubis Android Malware Analysis / Source Code https://forum.reverse4you.org/t/anubis-android-malware-analysis/16982 #reverse #mobile #malware #anroid #anubis #analysis #darw1n
R0 CREW
Anubis Android Malware / Source Code / Leaked
Anubis is one of the most well-known malware in the Android Malware family. It’s still popular for threat actors today, given its capabilities and the damage it has done to andorid users in the past. On the other hand, it offers many Malware Developers the…
JavaScript Deobfuscator and Unpacker https://forum.reverse4you.org/t/javascript-deobfuscator-and-unpacker/16986 #tools #malware #javascript #unpack #obfuscation #darw1n
R0 CREW
JavaScript Deobfuscator and Unpacker
Online: https://lelinhtinh.github.io/de4js/ Github: GitHub - lelinhtinh/de4js: JavaScript Deobfuscator and Unpacker
GDA, a new Dalvik bytecode decompiler, is implemented in C++
https://forum.reverse4you.org/t/gda-gjoy-dex-analyzer/16985 #reverse #tools #mobile #android #decompiler #apk #dex #dalvik #darw1n
https://forum.reverse4you.org/t/gda-gjoy-dex-analyzer/16985 #reverse #tools #mobile #android #decompiler #apk #dex #dalvik #darw1n
R0 CREW
GDA (GJoy Dex Analyzer)
GDA, a new Dalvik bytecode decompiler, is implemented in C++, which has the advantages of faster analysis and lower memory&disk consumption and an stronger ability to decompiling the APK, DEX, ODEX, OAT files(supports JAR, CLASS and AAR files since 3.79).…
👍1
Cross-platform agent and Post-exploitation tool written in Golang and C++
https://forum.reverse4you.org/t/cross-platform-agent-and-post-exploitation-tool-written-in-golang-and-c/17060
#tools #postexploitation #redteam #agent #framework #darw1n
https://forum.reverse4you.org/t/cross-platform-agent-and-post-exploitation-tool-written-in-golang-and-c/17060
#tools #postexploitation #redteam #agent #framework #darw1n
R0 CREW
Cross-platform agent and Post-exploitation tool written in Golang and C++
Free, Open-Source, Cross-platform agent and Post-exploitation tool written in Golang and C++ beacon: Agent, written in C++. teamserver: Server, written in Golang. teamclient: User client, written in C++, the UI use Qt-GUI. Features Supported C2 Protocols:…
Roppeer is a tool to find gadgets and build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64)
https://forum.reverse4you.org/t/roppeer-is-a-tool-to-find-gadgets-and-build-rop-chains-for-different-architectures-x86-x86-64-arm-arm64-mips-powerpc-sparc64/17064
#tools #expdev #ropchain #rop #python #diablo
https://forum.reverse4you.org/t/roppeer-is-a-tool-to-find-gadgets-and-build-rop-chains-for-different-architectures-x86-x86-64-arm-arm64-mips-powerpc-sparc64/17064
#tools #expdev #ropchain #rop #python #diablo
R0 CREW
Roppeer is a tool to find gadgets and build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64)
Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly ropper uses the awesome Capstone Framework. https://github.com/sashs/Ropper
Analyzing a Patch of a Virtual Machine Escape on VMware
https://forum.reverse4you.org/t/analyzing-a-patch-of-a-virtual-machine-escape-on-vmware/17110
#reverse #windows #expdev #patchanalysis #patch #analysis #vmware #darw1n
https://forum.reverse4you.org/t/analyzing-a-patch-of-a-virtual-machine-escape-on-vmware/17110
#reverse #windows #expdev #patchanalysis #patch #analysis #vmware #darw1n
R0 CREW
Analyzing a Patch of a Virtual Machine Escape on VMware
The drag-and-drop (DnD) function in VMware Workstation and Fusion has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion. On Workstation Pro and Fusion, the issue cannot…
👍1