Jean-Pierre LESUEUR

@Dimillian Man! That's a wild relic. We were such skids back then haha ! The TPB wallpaper... priceless 🤣

Did you know that 15 years ago I was making software trailer for @DarkCoderSc Just watch and turn up the sound youtube.com/watch?v=sitjro…

@fr0gger_ 😂

🚀You can now search for malware families, releases, techniques, and code snippets, including archives on Malware Gallery: malwaregallery.com #InfoSec #Malware #DFIR

@rmcdaniel_ People copying nicknames is just a sign of how inspiring someone is. It can surely cause trouble, but I believe it is the highest form of flattery.

@rmcdaniel_ Because, you are a true legend! Many people, especially younger generations, are unaware that you are a pioneer in infosec and malware research. Numerous concepts they now take for granted were pushed to light by innovators like you in the late 1990s and 2000s.

At one point, someone hired me to develop a proof-of-concept trojan for educational and defensive research purposes. When it became clear they were discussing things that sounded legally questionable, I cut ties and refused further involvement. Not long after, I received an unexpected message from the FBI saying that someone using both my handle and my real name was linked to cybercrime activity, and asking whether I knew someone known as “Iceman.” Later, it emerged that Max Butler, who went by Iceman, had adopted the alias Aphex among others.

@rmcdaniel_ I would even say that you were among the very few "countable on one hand" who were most impactful at that time. You inspired so many young developers, including myself.

@0bin_Cyber @fr0gger_ Contact me via email ;)

@fr0gger_ @DarkCoderSc Hey j tried to dm you but your dm is closed. Can you do something about that please and get back to me

Check out this new entry in the #UnprotectProject by my friend @DarkCoderSc! 😎 *Indirect Memory Writing* for example an attacker calls standard Windows APIs that accept an output pointer. You can point that pointer at executable memory. The attacker can then build a payload without a direct memory copy call. 👇

@JoelGMSec My gif wasn’t explicit m, no worries 😉

@DarkCoderSc Sorry, then it's my fault. That's what I get for looking at the GIF and not reading the post (because a hurry). Interestingly, I had also seen it (indirect memory write technique) and I haven't seen any articles about it either.

Has anyone ever seen or used this evasion technique? I have been using it for many years and still find it effective (particularly with macro's), so I was surprised to see it continue to work so I decided to document it on Unprotect : unprotect.it/technique/indi… Feedback appreciated!

@JoelGMSec IMO it is, if it can strengthen defense, then it aligns perfectly with the goal of our project

Not really, although I'm not surprised. Something similar happened to me in 2017 with RDP's Shadow Sessions, so I published AutoRDPwn and called it “Shadow Attack” because no one had used that name before. In the end, I didn't write any paper; I don't think it's necessary to write paper about everything, even if it's something well known (like this particular case).

@JoelGMSec We may not be talking about the same thing. I'm not referring to PowerShell for executing payloads; rather, I'm describing an indirect memory write technique.

@DarkCoderSc I've been using it for many years too. Although it depends on the EDR, sometimes “cat -raw payload.txt | iex” is not detectable and iex(cat -raw payload.txt) is. I usually create an alias (such as “cat -raw payload.txt | pwn”) and it's even more effective :)

New code snippet added that demonstrates the principle of indirectly copying a buffer to another memory region using the Windows APIs ReadProcessMemory (Example 1) or ReadFile (Example 2): unprotect.it/snippet/indire…

cf : @fr0gger_

@degendev__ @Hackercharr @PerkinsFund @GetLensNow Oui 😎

@DarkCoderSc @Hackercharr @PerkinsFund @GetLensNow Ah, tu es si vieux aussi 😁

Hi, I’m an ex-hacker, former malware dev, beta tester of Poison Ivy and Bifrost, dev of multiple malwares, almost jailed for it and ex-admin of forums like UndergroundKonnekt (FR) and Chasenet (US). I love drama. I saw @PerkinsFund reply to @GetLensNow with a few findings, nothing really about security, more about code habits. That made me want to review the @PerkinsFund courses. Well… where do I start 😂 🧵/ 8

@degendev__ @Semtioc @PerkinsFund @GetLensNow More exactly Delphi/Lazarus for the Server, MASM for the loader. The loader then loads pieces of shellcodes per feature (a technique called Func-In at that time)

@Semtioc @PerkinsFund @GetLensNow Lovely dev also sweden. Poison ivy was full asm, masm if I remember correctly with a stub of 4kb. The entire RAT was then downloaded as plugins on the infected computer

@degendev__ @Hackercharr @PerkinsFund @GetLensNow Ohhh ! I remember Digerati 🤩

@Hackercharr @PerkinsFund @GetLensNow Good time stopped around this time : computerworld.com/article/136009… Digerati

Malware Noob Month Post #4 Does malware need to be written in C or C++? No. You can write malware in any language you want. In fact, I encourage you to write malware in other programming languages. The reason why C (or C++) is so common is because, as is tradition, it has some historical context. Back in the day the language for programming was assembly. However, as IDEs and compilers improved, it became more acceptable to write in C (for reasons we can discuss later). Either way, Operating Systems began exposing APIs (Application Program Interfaces) in C. Basically, you could communicate to the Operating System and have it do things for you such as create a file or make space in memory. C very quickly became the standard for APIs for Windows and Linux. Hence, malware would inevitably use this language. Additionally, C is very similar to assembly in regards to memory management and ability to ruin your day. In 2025 dozens of programming languages can interopt with Operating Systems. You do not need to use the old school Windows API or do things on Windows anymore. You can write malware in Rust, Go, Java, NodeJS, CSharp, VB, Python, ???. It doesn't matter. C (or C++) is the old school standard, it has seniority, it's been around forever. But, as long as the language gets the job done, it can be literally anything you want. It should be noted though that C (and C++) has a reputation of being elitist (myself included sometimes), so when you make a cool proof-of-concept and it's not C or C++, some people might sigh or complain (myself included), but just ignore them (myself included).

@vxunderground 😞

@DarkCoderSc I said advice not abuse wtf

My son is almost 1 month old. So far he doesn't have a job, doesn't have a driver's license, doesn't have any computer certifications, hasn't been featured in any documentaries. He hasn't even TRIED to learn to code despite all the C programming books I bought him. I sat down with him and said, "Son, it's been a whole month and you haven't done anything. How do YOU do that?!" He then pooped his pants and squirmed around in his onesie. Parents, do you have any advice?