Someone published the source code of the GAPZ bootkit:
Bootkit: https://github.com/Darkabode/zerokit
Usermode Part: https://github.com/Darkabode/possessor
Server Controller Part: https://github.com/Darkabode/0ctrl
Some shared Code: https://github.com/Darkabode/0lib
Analysis GAPZ Bootkit: https://www.welivesecurity.com/wp-content/uploads/2013/04/gapz-bootkit-whitepaper.pdf
#vx #rootkit #bootkit #re #source #leak #darw1n
GitHub - Darkabode/zerokit: Zerokit/GAPZ rootkit (non buildable and only for researching)
Some part of FIN7 (aka CARBANAK) source code has leaked to VirusTotal:
https://www.fireeye.com/blog/threat-research/2019/04/carbanak-week-part-one-a-rare-occurrence.html
#malware #source #leak #fin7 #darw1n
CARBANAK Week Part One: A Rare Occurrence | Google Cloud Blog
We kick off CARBANAK Week with the first post in our four-part blog series.
Source code for Hexext was released! Hexext is a plugin for extending Hexrays 7.0 via microcode. It makes code prettier.
Info: https://forum.reverse4you.org/t/hexext-source-release-the-return-of-the-hex/10675
Github: https://github.com/chrisps/Hexext
#re #idapro #plugin #source #darw1n
Hexext source release - The Return of the Hex
The repo also contains new releases, which may be unstable as I haven't tested much. Before is to the left, after is to the right. It's still super messy, I've just kinda given up on making it less messy for now. Documentation isn't that great either.…
vmp-3.5.1.zip
20.2 MB
VMProtect Source Code (Leaked 07.12.2023)
mirror:
https://github.com/jmpoep/vmprotect-3.5.1
#tools #source #leaked #vmp #protector
intel.cc and processors.cc included