Source Byte

Malware Samples that could be used for teaching students about malware analysis.

Link

👍2

822 views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌$ᴘ3ᴅʏʟ1, 11:30

Source Byte

Report2020CrowdStrikeGlobalThreatReport.pdf

2.5 MB

Report 2020 Crowd Strike Global Threat Report.pdf

#Report

786 views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌$ᴘ3ᴅʏʟ1, edited 11:34

Source Byte

IsUACEanable ???

#include <stdio.h>
#include <windows.h>
#include <iostream>
using namespace std;
int main()
{
    HKEY res=NULL;
    //RegOpenKey(HKEY_LOCAL_MACHINE,"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableLUA",res);
    DWORD type;
    DWORD data;
    DWORD size = sizeof(DWORD);
    long lres=RegOpenKeyEx(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System", 0, KEY_READ, &res);
    if (lres == ERROR_SUCCESS) {
        
        RegQueryValueExW(res, L"EnableLUA", NULL, REG_NONE, (LPBYTE)&data, &size);
        cout << data<<endl;


        return 0;
    }
    return 0;
}

#malware_dev

❤6👎1

820 views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌$ᴘ3ᴅʏʟ1, 03:16

Source Byte

IsUACEanable ??? #include <stdio.h> #include <windows.h> #include <iostream> using namespace std; int main() { HKEY res=NULL; //RegOpenKey(HKEY_LOCAL_MACHINE,"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableLUA",res); DWORD…

Or if you want to disable it you should use RegSetValueEX() and initial the data with 0 in that
(You should have the administration rights)

740 views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌$ᴘ3ᴅʏʟ1, edited 03:27

Source Byte

New features of the Raspberry Robin worm
Link

#malware_analysis

Check Point Research

Raspberry Robin Keeps Riding the Wave of Endless 1-Days - Check Point Research

Key Findings Introduction Raspberry Robin is a widely distributed worm first reported by Red Canary in 2021. Its capabilities and evasions in addition to its very active distribution made it one of the most intriguing malware out there. We at Check Point…

873 views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌$ᴘ3ᴅʏʟ1, 03:55

Source Byte

WinDbg extension for data mining managed heap. It also includes commands to list http request, wcf services, WIF tokens among others

https://github.com/rodneyviana/netext

#tool
———
@islemolecule_source

894 viewsAnastasia 🐞, 08:28

Source Byte

Unit 8200.ru.en.pdf

If you read this document you will find a section which ~~Israel~~ army have a OSINT unit , now look at this document 👇 it's all gathered from public sources and yes it is from US defense intelligence 🫡
I think we had to look OSINT as a serious job🤔

884 viewsAnastasia 🐞, edited 11:53

Source Byte

Iran_Houthi_Final.pdf

6 MB

🫡4🍌2💊1

944 viewsAnastasia 🐞, 11:53

Source Byte

Disable Windows #Defender
( Upgrade to SYSTEM)

https://github.com/EvilGreys/Disable-Windows-Defender-

#malware_dev

890 views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌$ᴘ3ᴅʏʟ1, edited 03:00

Source Byte

Forwarded from Order of Six Angles

A Deep Dive Into Exploiting Windows Thread Pools

https://urien.gitbook.io/diago-lima/a-deep-dive-into-exploiting-windows-thread-pools