![embee_research's tweet photo. Reverse Engineering a #CobaltStrike #malware sample and extracting C2's using three different methods.
We'll touch on #cyberchef, #x64dbg and Speakeasy from fireeye to perform manual analysis and emulation of #shellcode.
A (big) thread ⬇️⬇️
[1/23] https://t.co/FlUVDYHxC5](https://pbs.twimg.com/media/FcXAj_raIAI13nk.jpg)
![embee_research's tweet photo. Reverse Engineering a #CobaltStrike #malware sample and extracting C2's using three different methods.
We'll touch on #cyberchef, #x64dbg and Speakeasy from fireeye to perform manual analysis and emulation of #shellcode.
A (big) thread ⬇️⬇️
[1/23] https://t.co/FlUVDYHxC5](https://pbs.twimg.com/media/FcW78UtakAQ3XDN.png)
Olivia
Online
sh4hin
@s3cdev
Threat Emulation/Hunting | Linux/Mac enthusiast
Joined September 2012
4.5K Following
969 Followers
414 Posts
Pinned Tweet
I have recently developed a tool which consists of 13 different shell code injections to evaluate endpoint detection capabilities. All credits go to @Ne0nd0g @_D00mfist @C__Sto @_batsec_ @spotheplanet for their amazing works that inspired me to do it.
https://t.co/Zq1SkbpKS2
@scada_plc 👍 great idea
@0xcc00 Thanks for the great work on this PoC. I’m facing an issue ,the command output isn’t showing in the Gemini console, and it can’t detect live beacons. Not sure if I’m missing something. Happy to continue here or via DM
Who to follow
kmkz
@kmkz_security
Bourbon Offensive Security Services | BOSS
Melvin langvik 
@Flangvik
Red Team @TrustedSec , terrible creator of InfoSec content 📹Opinions are my own and not the views of my employer.
AeliaVision
@aeliavision
Cinematic AI • Apps • SaaS • Creator Tools
Building high-end digital products, AI workflows, and visual systems for creators, brands, and businesses.
@DebugPrivilege Good luck 👍
@djnn1337 Thanks, it was while back and the codes should be rewritten 😁
@djnn1337 Great job
@AliceCliment Great job
In nearly all of our on-premises engagements, a threat actor has taken total full control of Active Directory. If you are interested in the kind of things @MicrosoftDART finds, and how we recommend you secure Active Directory, then this blog is for you - https://t.co/D7fdIbsUn0
@cyb3rops BackgroundHost.exe
Reverse Engineering a #CobaltStrike #malware sample and extracting C2's using three different methods.
We'll touch on #cyberchef, #x64dbg and Speakeasy from fireeye to perform manual analysis and emulation of #shellcode.
A (big) thread ⬇️⬇️
[1/23]
![embee_research's tweet photo. Reverse Engineering a #CobaltStrike #malware sample and extracting C2's using three different methods.
We'll touch on #cyberchef, #x64dbg and Speakeasy from fireeye to perform manual analysis and emulation of #shellcode.
A (big) thread ⬇️⬇️
[1/23] https://t.co/FlUVDYHxC5](https://pbs.twimg.com/media/FcXA6sfaUAAKpv_.png)
I'm happy to share the results of months of research on code injection, process tampering, and their detection! 🥳
Here you'll find technique categorization, a dive into the underlying OS mechanisms, sample demos, detection suggestions, and much more:
https://t.co/KZyI0PKlPz
Check out capa v4 with:
1. support for analyzing .NET executables
2. finer grained capability detection via instruction and operand features
3. many new and updated detection rules
Blog: https://t.co/0WPjK5jKNI
Binaries: https://t.co/QPpiGZgtap
Source: https://t.co/gWbLkjgYG9
@zux0x3a Nice 👍
Great book, Well done!
@rahi_sec The ebook is currently available here
https://t.co/dvGw3JaB8X
NimGetSyscallStub is now public, the first public fully working (didn't find another myself) Nim imlementation + PoC to grab fresh Syscalls from disk on runtime:
https://t.co/E6NjcWviAm
@chvancooten even with a yara rule (with your template 🤓)
@nas_bench Nice 👍
Last Seen Users on Sotwe
pas_30_69
Seen from Indonesia
Parejita Nezahualcoyotl
Seen from Mexico
Candy🍭🌻🍬
Seen from United States
khanjan
Seen from Pakistan
けん
Seen from Japan
فههد20
Seen from Netherlands
Egypt Gay
Seen from Turkey
🔞Hair&FeetRT🔞
Seen from Netherlands
جكَسيءَ 🙇🏼♂️💗 .
Seen from Germany
k h ! m
Seen from Netherlands
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.3M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
87M followers
Taylor Swift
@taylorswift13
80.8M followers
Lady Gaga
@ladygaga
72.4M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
68.9M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.5M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.1M followers