0xReverse

10 posts

0xReverse

@0xreversecom

Security Research Group

شامل ہوئے Kasım 2024

0 فالونگ226 فالوورز

0xReverse ری ٹویٹ کیا

Utku Çorbacı@rhotav·15 Kas

pyinjector-rs / A Windows process injector written in Rust that injects and executes Python codes Thanks to @luminaryxd for giving me the idea. I think this project can be used in some things that use PYTHON RUNTIME.😄 github.com/rhotav/pyinjec…

English

131

25.7K

0xReverse@0xreversecom·14 Eki

🔥 Understanding Windows ~ DSE Mechanism & Abusing ETW by @0xdr4f3rt 0xreverse.com/understanding-…

English

3.6K

0xReverse@0xreversecom·30 Ağu

An advanced parser that can be used to parse .NET assemblies. It can be used for many tasks such as Config Extractor, Assembly Analysis by @rhotav

Utku Çorbacı@rhotav

dnpy - A Python library for reading .NET assemblies. It's not finished yet, but its current state is sufficient for many tasks. Using only dnpy (without needing another project), you can parse a .NET assembly, iterate through its methods, and read its instructions. github.com/rhotav/dnpy

English

786

0xReverse@0xreversecom·7 Ağu

Its ability to bypass EDR/XDR systems and impact banks, ISPs, and mid-level organizations in Türkiye underscores the need for on-premises sandboxes, supported by Threat.Zone's hypervisor-based approach, which offers deeper malware visibility than cloud-based alternatives. 🧵(3/3)

English

150

0xReverse@0xreversecom·7 Ağu

The malware employs a three-stage loader, including TOR for anonymous C&C communication and persistence via scheduled tasks. 🧵 (2/3)

English

151

0xReverse@0xreversecom·7 Ağu

@malwation research team has identified a sophisticated malware campaign targeting Türkiye 🇹🇷. "Technical Analysis of a Stealth Java Loader Used in Phishing Campaigns Targeting Türkiye" 🧵

Threat.Zone | Holistic Malware Analysis Platform@threatzone_

In recent weeks, our research team’ve identified a sophisticated phishing campaign targeting Türkiye. Threat actors targeted computers running Windows operating systems located in Türkiye and using the Turkish language. Key takeaway: the malware bypassed every public sandbox and AV aside from Threat.Zone, and also evaded EDR/XDR in real-world incidents. We noted impact across many banks, ISPs, and mid-level organizations. This case again shows why on-premises sandboxes are essential for critical infrastructure and why real dynamic analysis is crucial for SOC teams. malwation.com/blog/technical…

English

951

0xReverse@0xreversecom·9 May

🔥 Unpacking PE with Qiling Framework by @rhotav 0xreverse.com/unpacking-pe-w…

English

125

0xReverse@0xreversecom·30 Nis

🔥 Tracing and Manipulating Anti-Analysis Techniques with DynamoRIO by @rhotav 0xreverse.com/tracing-and-ma…

English

4.2K

0xReverse@0xreversecom·27 Nis

🔥 Analysis of CVE-2024-38063 - Exploiting The Kernel Via IPv6 by @0xdr4f3rt 0xreverse.com/analysis-of-cv…

Nederlands

5.7K

0xReverse@0xreversecom·24 Nis

🔥 Understanding Alcatraz ~ Obfuscator Analysis by @rhotav - Analysis of Alcatraz Passes with IDA - OEP Finder with @qiling_io - Scripting with IDAPython 0xreverse.com/understanding-…

English

107

13.7K

دریافت کریں

@luminaryxd @0xdr4f3rt @rhotav @malwation @qiling_io @elonmusk @BarackObama @taylorswift13