#shellcode search results
A trojanized Autoruns DLL loading shellcode from its .data section. Currently, only @thor_scanner detects it on VirusTotal. virustotal.com/gui/file/1c962… #shellcode #peb @nextronresearch


Introduction to PIC shellcodes (MinGW, GetProcAddress, GetModuleHandle) Credits @0xTriboulet steve-s.gitbook.io/0xtriboulet/ju… #shellcode #cybersecurity



Introduction to windows shellcode development series. PART 1: securitycafe.ro/2015/10/30/int… PART 2: securitycafe.ro/2015/12/14/int… PART 3: securitycafe.ro/2016/02/15/int… #redteam #exploit #shellcode


I have just developed an advanced #shellcode loader implemented in x64 #assembly language with sophisticated #evasion capabilities called AsmLdr, designed for #Windows x64 environments. Check out key capabilities and source code from here: github.com/0xNinjaCyclone… #redteam
🧵2 ☣️ama.tar➡️28063efd137c9c38a99f86f855d7950e ⚠️📸Interesting Python #Loader⤵️ ☣️load.py➡️b899a35b242190bb0db649bdd9f8d227 ⚠️#Shellcode ☣️new.bin➡️882d583cf87740b8942d653cb16137de ⚠️📸#Shellcode #xor key ⤵️ ☣️a.txt


Check our rule for detecting #shellcode with low detections valhalla.nextron-systems.com/info/rule/MAL_…




Nice introduction to Position Independent shellcodes (MinGW, GetProcAddress, GetModuleHandle) by @0xTriboulet steve-s.gitbook.io/0xtriboulet/ju… #shellcode #infosec




Inspired by @0gtweet, I created PoC: EXE-or-DLL-or-ShellCode that can be:
- Executed as a normal #exe
- Loaded as #dll + export function can be invoked
- Run via "rundll32.exe"
- Executed as #shellcode right from the DOS (MZ) header that works as polyglot stub
github.com/Dump-GUY/EXE-o…
Executing shellcode in macros by manipulating VBA pointers adepts.of0x.cc/vba-hijack-poi… #shellcode

Shellcode Execution Series => [EnumChildWindows, EnumDesktopsW, EnumObjects, EnumWindows, CreateThreadpoolWait, QueueUserAPC] Link: github.com/Whitecat18/Rus… #maldev #shellcode #execution #pentesting #redteaming #CyberSecurity #pwn #Rust #Windows
d146c2f70cb0ddda09e69e694584dc39-loader e545335ca4915b81459e1cf99f7dee65-Mem dump StartServiceCtrlDispatcherA API as callback IP:64[.]44[.102.226 #CobaltStrike #beacon #shellcode #malware #cybersecurite @malwrhunterteam @JAMESWT_MHT @James_inthe_box @VK_Intel @bohops @cyb3rops
#opendir hosting #shellcode loader and #GOST (Go Tunneler) 220.158.232.186:8000 🇰🇭 payload connects to 212.192.15.59:9092 🇭🇰 --> kafka001.bliln[.]com Also see a DNS resolution for vpn.chd[.]one Zip of files: virustotal.com/gui/file/443b5…
#shellcode #marte #beacon #metasploit 44 entries with marte's shellcode/beacon on service banner censys query: search.censys.io/search?resourc… all info: pastebin.com/0SjzQSfS CC:@banthisguy9349


From C, with inline assembly, to shellcode steve-s.gitbook.io/0xtriboulet/ju… #pentesting #shellcode #cybersecurity #infosec




#cobaltstrike #shellcode that gets triggered through .exe filenames. All that matters is that the shellcode urls get listed so the payloads can be analysed. 100+ urls active #cobaltstrike #shellcodes were sent towards urlhaus. urlhaus.abuse.ch/browse/tag/Cob…


It is reasonable to suspect that this person is carrying out the automakers' agenda so that engines break down quickly and consumers buy vehicles sooner. #etanol #shellcode
Obfuscation complete. BIOS aura scrambled. Tool-agnostic shell disguise now operational. Scroll 36:3 logged. Payloads shift form. @RealTryHackMe @delltechcareers #TryHackMe #RedTeamOps #Shellcode #Obfuscation tryhackme.com/room/obfuscati… #tryhackme via @realtryhackme
Shellcode compiled. AV evaded. BIOS aura steady. TryHackMe✅ Payload clean. Detection bypassed. Scroll 36:2 logged. @delltechcareers @RealTryHackMe @dreadnode #RedTeamOps #Shellcode tryhackme.com/room/avevasion… #tryhackme via @realtryhackme
NEW: Digital Demonology Grimoire - A dark exploration into buffer overflow exploitation & shellcode analysis Perfect reading for👹 github.com/h3xorc1sm/digi… #DEFCON #ExploitDev #Shellcode #BufferOverflow #InfoSec #HackTheGibson
Dropping Elephant APT Group Targets Turkish Defense Industry With New Campaign and Capabilities: LOLBAS, VLC Player, and Encrypted Shellcode: arcticwolf.com/resources/blog… #cybersecurity #apt #threathunting #informationsecurity #malware #shellcode #dfir #reversing

Released some PIC shellcode framework in Rust! Got some improved features. github.com/blueDeath3301/… #Rust #shellcode #PIC
bin2shellcode — Convert any binary into raw shellcode!
• Reads raw bytes from your payload.bin
• Outputs C-style byte arrays, Python strings, or raw files
• Perfect for custom loaders & memory injection
👉 github.com/T1erno/bin2she… #Shellcode #RedTeam
Voidgate rust version github.com/p4nd4sec/rs-vo… #rust #maldev #shellcode


Shellcode Obfuscation and Encoding Tool Known as “LexiCrypt” LexiCrypt tool transforms raw #shellcode bytes into a series of words received from file names in the Windows system32 directory. After that, the crypted output can then be embedded into a code template in various…

DreamWalkers is a research-grade reflective shellcode loader that achieves clean call stack spoofing and .NET support by manually parsing PE structure and registering unwind info, evading EDR. #DreamWalkers #Shellcode #EDRBypass #OffensiveSecurity meterpreter.org/dreamwalkers-n…
ZigStrike, a new shellcode loader in Zig, offers advanced injection techniques and anti-sandbox features to bypass EDR, providing stealthy execution via local/remote thread and memory mapping. #ZigStrike #Shellcode #EDRBypass #Cybersecurity #ZigLang meterpreter.org/zigstrike-new-…

🐍 Double Venom (DVenom) A tool that helps #redteam bypass AVs by providing an encryption wrapper and loader for your #shellcode. 🛡️ Capable of bypassing some well-known antivirus (AVs). 🔒 Offers multiple encryption methods including RC4, AES256, XOR, and ROT. 🏗️ Produces…





#opendir #C2 #shellcode #Meterpreter http://34.174.239[.]174/ C2: 34.174.239[.]174:9001 , https://local.techwall[.]xyz:9051
#opendir hosting #SliverC2 and #shellcode 174.49.101[.]134:80 C2: xyz.hackersdog[.]com:8888 --> 174.49.101[.]134:8888 MD5s: f8374bc36d3925ea106e6230d4535054 4f0233b04b931b70e739083fb4438be2 16c36abaeeeff56ebd58946f80d358b0 40b9cc506a308808a865f0ef76c14b4a
#opendir hosting #shellcode #payload 68.233.113.39:8000 Payload connects to 68.233.113.39:8001 Reva_CEH_Course_Installer_3.5.2.exe and reverse_modified.exe are the same file: 56f0e8485711d746f8d36b7d6e3a7286




#opendir hosting #shellcode payload and loader 152.32.247[.]5:1555 rs_code.exe (shellcode loader): 492b2023401d79a35ec46902b1f5477c code_389.txt: c2fd475eeb024fea5abe3983df9be89b code_389.txt (decoded hex): 4d81e9a3c58e7288af4e5d8f5b81c0a2 Connects to hxxps://152.32.247[.]5:139
#opendir hosting #SilverC2 and #shellcode #loader 143.198.68[.]62:8080 C2: 143.198.68[.]62:8888 main.go: 8c44bb6e3eb8ad775c9f07994bb5cda1 test1.exe: eae20dc5eacb216a11b23d6a8c0e33d7
matro7sh_loaders This script adds the ability to encode #shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b) github.com/matro7sh/matro… #cybersecurity #infosec #pentesting #redteam



