Here are the great open resources I use to learn and build c2 frameworks. 0xrick.github.io/misc/c2/ shogunlab.gitbook.io/building-c2-im… howto.thec2matrix.com barrymalone.medium.com/sliver-an-awes… av.tib.eu/media/54337 #c2 #server #redteam #pentesting #cybersecurity #infosec

I wrote a post on coverage guided fuzzing for native Android libraries (using Frida & Radamsa), check it out on KnifeCoat 🔪🧥 knifecoat.com/Posts/Coverage…

Excited to share that I've been selected as a Google Summer of Code contributor with the RTEMS Project! My project focuses on enhancing debugging capabilities within RTEMS by integrating Python initializers into GDB. Project link: summerofcode.withgoogle.com/programs/2024/… #GSOC #Python

Structured Exception Handling & Vectored Exception Handling has been in long time usage within the Windows ecosystem. I have written a blogpost on a security perspective that leverages them that you might not be aware of. Link: amunrha.github.io/posts/seh_veh_…

Delve into Windows Memory Internals! Explore virtual address spaces, process internals and memory models for a deeper understanding of memory forensics & malware analysis! Third post of Malware Development, Analysis and DFIR Series azr43lkn1ght.github.io/Malware%20Deve… #DFIR #Memoryforensics

I wrote a blogpost and a tool on how to abuse Vectored Exception Handling (VEH) along with indirect syscalls to produce legitimate call stack without manually constructing them. Blog Link: whiteknightlabs.com/2024/07/31/lay… Tool Link: github.com/WKL-Sec/Layere…

Got my first CVE(CVE-2024-8143), Huge thanks to all my mentors at teambi0s and all the people at huntr 🙂. Report: huntr.com/bounties/71c5e….

Just Published a tool to parse Ext4 File System of Android and Linux. it can File System, Superblock, Group Descriptor, inode, xattr, Directory, Blocks, Extent and hashtree informations. Just have to extend parsing journal and decrypting Android FBE. github.com/Azr43lKn1ght/e…

🎉Attention all young cyber enthusiasts!🎉 🌐Join the exciting journey of learning and discovery at InCTFj 2024, India’s premier hacking and cybersecurity contest. 💻🔓 Register now at junior.inctf.in #InCTFJ #inctf #cybersecurity #hack #school #security #infosec #bi0s

🎉 Attention Students! 🎉 Join us today at 6 PM for our first InCTF Junior Training Session: Introduction to CTF! 🚀 📺 Watch live on YouTube: youtube.com/@InCTFj/live Don’t miss this chance to level up your hacking skills! See you there! #CTF #Cybersecurity #InCTF #LearnToHack

obfus.h is the powerfull compile-time obfuscator for C (win32/64). Supports virtualization, anti-debugging, control flow obfuscation and other code mutation techniques to prevent disassembly or decompilation. #CodeSecurity #Obfuscation #infosec github.com/DosX-dev/obfus…

Coauthored an article for SANS Institute with my friend Abdelrhman on "Analysis of Virtual Address Descriptors" for hunting malwares, ransomware keys, notepad abuse/data recovery and detailed windows internals of a process and its memory structure. sans.org/blog/the-analy…

Introducing DFIR Labs: A 24-challenge series by internationally acclaimed CTF authors, tailored for professionals, researchers and students. Master DFIR, Malware Analysis and Threat Hunting through challenges designed to push your expertise to new heights github.com/Azr43lKn1ght/D…

I have done Parallel syscall technique in Rust. github.com/Whitecat18/Rus… Inspired by MDSec Research. #research #poc #rust

Call Stacks: No More Free Passes For Malware elastic.co/security-labs/…

EDR vendors secure their sales pipelines but neglect monitoring GitHub for exposed installer tokens -leaving customers vulnerable to abuse and over-licensing. Adversaries likely exploit these tokens to build sandboxes for payload testing. Here are search patterns to help

As a little follow up, I wrote a small blog post/tutorial on how to reverse engineer windows drivers with IDA - this is aimed at people that newer touched drivers before and covers IOCTL codes, IRPs and some IDA shenanigans with unions. eversinc33.com/posts/driver-r… Enjoy :3

Exploiting Reversing (ER)series: Article 01 | Windows kernel drivers TLDR; This article we will review concepts, architecture and practical steps related to vulnerability research. exploitreversing.com/wp-content/upl…

I'm happy to share that I've received a $13,337 bounty from Google for a high-impact vulnerability I reported. My thanks to the Google VRP (Google Bug Hunters) team. A full technical write-up is coming once the fix is confirmed. #bugbounty #infosec #cybersecurity #GoogleVRP