🎓 Master Malware Analysis & Reverse Engineering with Google's FLARE Learning Hub
FLARE Learning Hub is a free educational platform created by Google's FLARE team, offering high-quality training in reverse engineering and malware analysis. It includes a hands-on Malware Analysis Crash Course, an in-depth Go Reverse Engineering Reference, and a practical introduction to Time Travel Debugging (TTD). Each module comes with labs, sample binaries, scripts, and reference materials, making it an excellent resource for aspiring malware analysts, reverse engineers, DFIR professionals, and CTF players.
🔗 https://t.co/NBZ0rjY3ib
#ReverseEngineering #MalwareAnalysis #DFIR #CyberSecurity #OpenSource
Part 3 of the hypervisor-based game cheat series is up.
This is where the series starts moving from hypervisor primitives into actual game cheat mechanics.
This part covers EPT hooks, VM exits, VMI, monitoring loops, overlay and input delivery paths, and the point where a low-level memory or execution event starts becoming cheat relevant.
Also started touching the actual game cheat side more directly this time, but this is about technical principles and mechanics, not actual code.
Big thanks and credit to @Intel80x86 @HyperDbg for the great HyperDbg work on hardware-assisted debugging, EPT hidden hooks, transparent memory hooks, and VM-exit-based monitoring.
Can't imagine how lost I would've been without HyperDbg. Seriously a lifesaver!
Also grateful to Panicos Karkallis and Jorge Blasco Alís for the VIC research on virtual machine introspection cheats.
For a bit of context, this entire series is originally a single Korean document. Splitting it up due to the length, and it’ll probably be around 8 or 9 parts total.
Translating from the original Korean made the English version feel a bit awkward in earlier parts, so I spent some extra time polishing this one. Really hope it’s a much smoother read. 🙏
Please take it as a light read. If anything is wrong or too wordy, feedback is always welcome. 😇
https://t.co/dEUSW1nlbx
Following on our series: An Introduction to Modern Malware Development for Red Teams, today's episode is all about Portable Executables.
In this blog post, I walk you through what PEs are, which known file types are, in fact, PEs, what their structure is, and what detection opportunities security products leverage to stop your tooling from executing even before it gets a chance to start.
Up next we will be diving into Processes and Threads so we can set the stage for process injection techniques. Stay tuned.
You can read the article here: https://t.co/ORKHtl4Uww
Keep hacking,
Sp1d3rM_*^!
I created two blog posts based on my Fantastic Cleartext Passwords talk, which I presented last year at BSides Munich, and I released the first part (Linux) today.
The second part (Windows) will be released next week.
Even if these techniques are not novel, I still consider them interesting enough to publish and, most importantly, to raise awareness of all the places an attacker could steal your password. Enjoy.
Link to the first part:
https://t.co/nzOBIan0bP
New video: logon sessions explained.
Every process has a token. Every token came from a logon session. But most developers never touch the session directly.
Covers: what logon sessions hold, why tokens exist as a separate layer, LsaEnumerateLogonSessions in C++, and the relevant structures in WinDbg.
https://t.co/36thke3K3U
https://t.co/laDOE5LChz
"When an organisation uses Exchange Online (or on-premises Exchange in hybrid mode) with a third-party mail server or spam filter as its MX record, it is possible to send mail from any sender to that organisation. Outlook delivers it without warning."
🔍 New on the blog: Choking Microsoft Defender with native Windows QoS policies (EDRChoker Explained)
Defender catches @TwoSevenOneT's binary, but that doesn't stop me from using PowerShell to achieve the same. Full explanation @
https://t.co/251Ca0tUY7
https://t.co/7b7k0LVGPn If you're in Canada or the UK or any of the countries attempting to impose restrictions for identity or age, immediately clone/copy this repo to an offline drive somewhere you can still easily access. Keep it safe; you may need it in the future. If you don't have it at least kept somewhere after everything's in place, it's already too late for you.