SharpIncrease – Mastering Malware Obfuscation To Bypass Security Detection

Adversaries may use binary padding to add junk data and change the on-disk representation of malware. This can be done without affecting the functionality or behavior of a binary, but can increase the size of the binary beyond what some security tools are capable of handling due to file size limitations. Binary padding effectively changes …
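To make the padding mechanism concrete, here is an added Python example (not code from the page or from SharpIncrease) that appends filler past the end of a stand-in executable, shows that the original bytes and therefore its behaviour are untouched while every whole-file hash changes, and then applies a simple entropy-based check for a large filler tail. The 4 KiB window, the 1.0-bit entropy threshold, the 1 MiB minimum and the 50% ratio are illustrative assumptions; the input is constructed random data, not a real binary.

```python
import hashlib
import math
import os
from collections import Counter


def pad_binary(data: bytes, target_size: int, filler: bytes = b"\x00") -> bytes:
    """Append junk after the original bytes until the blob is target_size long.

    The appended bytes lie past the last section/segment, so a PE or ELF
    loader never maps them; the program runs as before, while the file size
    and every whole-file hash change (assumption: filler goes at the end).
    """
    if not filler:
        raise ValueError("filler must not be empty")
    missing = target_size - len(data)
    if missing <= 0:
        return data
    reps = missing // len(filler) + 1
    return data + (filler * reps)[:missing]


def shannon_entropy(chunk: bytes) -> float:
    """Bits per byte: 0.0 for a run of one value, close to 8.0 for random data."""
    if not chunk:
        return 0.0
    n = len(chunk)
    return -sum(c / n * math.log2(c / n) for c in Counter(chunk).values())


def trailing_low_entropy_bytes(data: bytes, window: int = 4096, threshold: float = 1.0) -> int:
    """Walk back from the end of the file and count bytes that sit in
    low-entropy windows (repeated filler); stop at the first window that
    looks like real code or data. Window and threshold are assumed values."""
    total = 0
    end = len(data)
    while end > 0:
        start = max(0, end - window)
        if shannon_entropy(data[start:end]) > threshold:
            break
        total += end - start
        end = start
    return total


def looks_padded(data: bytes, min_padding: int = 1 << 20, min_ratio: float = 0.5) -> bool:
    """Heuristic: a large filler tail that makes up most of the file."""
    if not data:
        return False
    tail = trailing_low_entropy_bytes(data)
    return tail >= min_padding and tail / len(data) >= min_ratio


def demo() -> dict:
    # Constructed stand-in for a small executable: 64 KiB of random bytes.
    original = os.urandom(64 * 1024)
    padded = pad_binary(original, 4 * 1024 * 1024)  # grow to 4 MiB
    sha = lambda b: hashlib.sha256(b).hexdigest()
    return {
        "prefix_intact": padded[: len(original)] == original,
        "hash_changed": sha(original) != sha(padded),
        "original_flagged": looks_padded(original),
        "padded_flagged": looks_padded(padded),
        "padding_bytes": trailing_low_entropy_bytes(padded),
    }


if __name__ == "__main__":
    print(demo())
```

The entropy check only catches repetitive filler. An operator who pads with random bytes, or with high-entropy data copied from a legitimate file, defeats it, which is why the more robust control is a scanner that does not skip or truncate files above a size limit rather than a heuristic that tries to spot the padding afterwards.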

T1036.005 – Masquerading : Match Legitimate Name Or Location

In the cybersecurity landscape, attackers constantly devise methods to bypass security measures. One common technique is T1036.005, Masquerading: Match Legitimate Name or Location, where attackers give a malicious file the name of a legitimate one, place it in a directory where a legitimate file is expected, or use a near-identical name, so that it blends in with normal system activity and evades detection. This article delves into how this tactic works, providing insights on detection and mitigation to help defenders enhance …
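A detection a defender would want for this technique checks two things per process-creation event: a protected system binary name running from a directory other than the ones it legitimately lives in, and a name that is one edit away from a protected one (svch0st.exe, scvhost.exe). The Python below is an added example, not code from the article; the allow-list of expected locations and the sample image paths are constructed for illustration and should be extended for a real estate.

```python
import ntpath

# Constructed allow-list: directories where these Windows binaries legitimately live.
# Compared case-insensitively after normalising slashes; extend for your environment.
EXPECTED_LOCATIONS = {
    "svchost.exe": {r"c:\windows\system32", r"c:\windows\syswow64"},
    "lsass.exe": {r"c:\windows\system32"},
    "csrss.exe": {r"c:\windows\system32"},
    "services.exe": {r"c:\windows\system32"},
    "explorer.exe": {r"c:\windows"},
}


def edit_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: insert/delete/substitute cost 1,
    and an adjacent transposition (scvhost vs svchost) also costs 1."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]


def classify(image_path: str, max_distance: int = 1):
    """Return None for an unremarkable path, 'wrong_location' for a protected
    name outside its expected directories, or 'lookalike:<name>' for a
    near-miss name. Unknown names in unknown places are not flagged here."""
    directory, name = ntpath.split(image_path)
    directory = directory.replace("/", "\\").lower().rstrip("\\")
    name = name.lower()
    if name in EXPECTED_LOCATIONS:
        return None if directory in EXPECTED_LOCATIONS[name] else "wrong_location"
    for legit in EXPECTED_LOCATIONS:
        if edit_distance(name, legit) <= max_distance:
            return f"lookalike:{legit}"
    return None


def scan(image_paths):
    """Run classify() over a batch of image paths, keeping only the hits."""
    hits = {}
    for path in image_paths:
        verdict = classify(path)
        if verdict is not None:
            hits[path] = verdict
    return hits


# Constructed sample events (Image fields as a Sysmon Event ID 1 would carry them).
SAMPLE_EVENTS = [
    r"C:\Windows\System32\svchost.exe",              # benign
    r"C:\Users\bob\AppData\Local\Temp\svchost.exe",  # right name, wrong location
    r"C:\Windows\Temp\svch0st.exe",                  # digit-for-letter lookalike
    r"C:\ProgramData\scvhost.exe",                   # transposed letters
    r"C:\Windows\lsass.exe",                         # one directory too high
    r"C:\Program Files\Vendor\updater.exe",          # unknown, not flagged
]

if __name__ == "__main__":
    for path, verdict in scan(SAMPLE_EVENTS).items():
        print(f"{verdict:24} {path}")
```

Keep the exact-name check ahead of the lookalike check so that legitimate protected names never score against each other, and pair the location check with image signature or hash verification where the telemetry offers it, since a correctly named file in the right directory can still be a replaced binary.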

ChaiLdr – AV Evasive Payload Loader : Unveiling Next-Gen Evasion Capabilities

ChaiLdr – AV Evasive Payload Loader is a payload loader that combines several evasion techniques to get a payload past current antivirus products. Built on concepts from malware engineering, it aims to deliver payloads without being detected. From indirect syscalls and API hammering to HTTP/S shellcode staging, ChaiLdr sets a …

Banshee – A Foray Into Kernel-Level Power With Rootkit Techniques

Learning about Windows rootkits lately, so here is my own implementation of some techniques. For an overview, see Features below. Banshee is meant to be used with kdmapper or a similar driver mapper. I am just learning about kernel driver development, so this is for educational purposes mainly. Usage: You can integrate Banshee into your tooling by including the Banshee.hpp file …

Awesome Malware Analysis – The Ultimate Resource For Tools, Techniques, And Insights

A curated list of awesome malware analysis tools and resources. Inspired by awesome-python and awesome-php. Malware Collection: Anonymizers (web traffic anonymizers for analysts); Honeypots (trap and collect your own samples); Malware Corpora (malware samples collected for analysis). Open Source Threat Intelligence: Tools (harvest and analyze IOCs).

Anti-Qakbot – Disabling The Malicious Threat

Kill a live, running Qakbot on an infected machine. More on this: Operation Duckhunt: Field Testing the FBI's Anti-Qakbot Payload (c) Raashid Bhat. In the constantly changing world of online threats, Qakbot has become a powerful foe. This malware has caused problems on many systems because it persists and does damage. But there …

What are the Types of Malware Infecting Your Computer

Malware is a malicious computer program designed to infect your system and gain access to sensitive information without the user's permission. Software is classified as malware based on the intent of its developer: if the intent behind a program's design is malicious, that program is considered malware. Based on the …