✇ MalwareTech

[Video] Introduction to Use-After-Free Vulnerabilities | UserAfterFree Challenge Walkthrough (Part: 1)

By: MalwareTech

An introduction to Use-After-Free exploitation and walking through one of my old challenges. Challenge Info: https://www.malwaretech.com/challenges/windows-exploitation/user-after-free-1-0 Download Link: https://malwaretech.com/downloads/challenges/UserAfterFree2.0.rar Password: MalwareTech

The post [Video] Introduction to Use-After-Free Vulnerabilities | UserAfterFree Challenge Walkthrough (Part: 1) appeared first on MalwareTech.

✇ MalwareTech

[Video] Exploiting Windows RPC – CVE-2022-26809 Explained | Patch Analysis

By: MalwareTech

Walking through my process of how I use patch analysis and reverse engineering to find vulnerabilities, then evaluate the risk and exploitability of bugs.

The post [Video] Exploiting Windows RPC – CVE-2022-26809 Explained | Patch Analysis appeared first on MalwareTech.

✇ MalwareTech

An in-depth look at hacking back, active defense, and cyber letters of marque

By: MalwareTech

There has been much discussion in cyber security about the possibility of enabling the private sector to engage in active cyber defense, or colloquially “hacking

The post An in-depth look at hacking back, active defense, and cyber letters of marque appeared first on MalwareTech.

✇ MalwareTech

How I Found My First Ever ZeroDay (In RDP)

By: MalwareTech

Up until recently, I’d never tried the bug hunting part of vulnerability research. I’ve been reverse engineering Windows malware for over a decade, and I’d

The post How I Found My First Ever ZeroDay (In RDP) appeared first on MalwareTech.

✇ MalwareTech

BlueKeep: A Journey from DoS to RCE (CVE-2019-0708)

By: MalwareTech

Due to the serious risk of a BlueKeep based worm, I’ve held back this write-up to avoid advancing the timeline. Now that a proof-of-concept for

The post BlueKeep: A Journey from DoS to RCE (CVE-2019-0708) appeared first on MalwareTech.

✇ MalwareTech

DejaBlue: Analyzing a RDP Heap Overflow

By: MalwareTech

In August 2019 Microsoft announced it had patched a collection of RDP bugs, two of which were wormable. The wormable bugs, CVE-2019-1181 & CVE-2019-1182 affect

The post DejaBlue: Analyzing a RDP Heap Overflow appeared first on MalwareTech.

✇ MalwareTech

YouTube’s Policy on Hacking Tutorials is Problematic

By: MalwareTech

Recently YouTube changed its policy on “hacking” tutorials to an essential blanket ban. In the past, such content was occasionally removed under YouTube’s broad “Harmful

The post YouTube’s Policy on Hacking Tutorials is Problematic appeared first on MalwareTech.

✇ MalwareTech

Analysis of CVE-2019-0708 (BlueKeep)

By: MalwareTech

I held back this write-up until a proof of concept (PoC) was publicly available, as not to cause any harm. Now that there are multiple

The post Analysis of CVE-2019-0708 (BlueKeep) appeared first on MalwareTech.

✇ MalwareTech

Analysis of a VB Script Heap Overflow (CVE-2019-0666)

By: MalwareTech

Anyone who uses RegEx knows how easy it is to shoot yourself in the foot; but, is it possible to write RegEx so badly that

The post Analysis of a VB Script Heap Overflow (CVE-2019-0666) appeared first on MalwareTech.

✇ MalwareTech

Video: First Look at Ghidra (NSA Reverse Engineering Tool)

By: MalwareTech

Today during RSA Conference, the National Security Agency released their much hyped Ghidra reverse engineering toolkit. Described as “A software reverse engineering (SRE) suite of

The post Video: First Look at Ghidra (NSA Reverse Engineering Tool) appeared first on MalwareTech.

✇ MalwareTech

Analyzing a Windows DHCP Server Bug (CVE-2019-0626)

By: MalwareTech

Today I’ll be doing an in-depth write up on CVE-2019-0626, and how to find it. Due to the fact this bug only exists on Windows

The post Analyzing a Windows DHCP Server Bug (CVE-2019-0626) appeared first on MalwareTech.

✇ MalwareTech

Tracking the Hide and Seek Botnet

By: MalwareTech

Hide and Seek (HNS) is a malicious worm which mainly infects Linux based IoT devices and routers. The malware spreads via bruteforcing SSH/Telnet credentials, as

The post Tracking the Hide and Seek Botnet appeared first on MalwareTech.

✇ MalwareTech

Best Languages to Learn for Malware Analysis

By: MalwareTech

One of the most common questions I’m asked is “what programming language(s) should I learn to get into malware analysis/reverse engineering”. To answer this question I’m going to write about the top 3 languages which I’ve personally found most useful. I’ll focus on native malware (malware which does not require …

The post Best Languages to Learn for Malware Analysis appeared first on MalwareTech.

✇ MalwareTech

Investigating Command and Control Infrastructure (Emotet)

By: MalwareTech

Although the majority of botnets still use a basic client-server model, with most relying on HTTP servers to receive commands, many prominent threats now use more advanced infrastructure to evade endpoint blacklisting and be resilient to take-down. In this article I will go through and explain my process of identifying …

The post Investigating Command and Control Infrastructure (Emotet) appeared first on MalwareTech.
