[Mr.Un1k0d3r] Разработка программного обеспечения для наступательной безопасности

Robot · Вчера в 03:50

85 эпизодов с занятиями по программированию по следующим темам:

Introduction to the toolset and core concept.
Introduction to assembly language programming and shellcoding core concept.
Shellcoding basics: Resolving Windows APIs using loaded modules LDR in the PEB and kernel32 GetProcAddress and LoadLibrary.
Remote process injection using the PEB kernelcallbacktable manipulation

and SendMessage API.
Writing customer shellcode encoder in assembly using key brute force and MMX instructions set.
Fooling the EDR using self debugging and DLL loading event to manipulate loaded DLLs.
Fileless lateral movement technique using Windows ServiceManager (SVCCTL) in C.
Windows APIs EDR evasion using Nt* APIs and direct syscall.
Demystifying some C concept.
Generic process injection concept in C and C#.
C# execute .NET in memory to avoid touching the disk and C# AMSI trick.
Attacking the EDR for fun and profit by removing the usermode hooks..
C and C# evasion technique to prevent sandbox execution.
Basic Command & Control (C2) over HTTP concept in C#.
Hooking Windows API for fun and profit.
Dropping your initial payload and phishing concept.
Cobalt Strike tricks and writing BOF file for Cobalk Strike.
SPECIAL GUEST: @byt3bl33d3r is going to present some of his work regarding nim.
Windows Internal Useful APIs. Remote information gathering.
Resolving syscall dynamically.
LDAP and the Windows Active Directory world.
SPECIAL GUEST: @waldoirc Understanding ETW, API hooking, and malware analysis.
Writing keyloggers using 2 different approaches.
The Windows COM world.
Linux Shellcoding.
Introduction to buffer overflow.
Buffer overflow part 2: ROP Gadget.
Revisiting ETW and AMSI bypass.
PetitPotam and ADCS tricks for Red Teamers.
C Obfuscation For Red Teamers.
SPECIAL GUEST: @snowscan & Juan Ansible & Terraform automation. NO AUDIO
Sandbox detection tricks.
SPECIAL GUEST: @waldoirc Hooking Heaps and Living Free.
Initial Access payload; Some macro trick and .Net appdomain trick.
SPECIAL GUEST: Cobalt Strike version 4.5 pre-release exclusive sneak peak presented by @joevest and Chris Thrope which are both core dev of Cobalt Strike.
Patching legitimate software to hide your payload. (code cave)
SPECIAL GUEST: Offensive PIC for red teamers presented by @thefLinkk
Demystifying Import Address Table and Export Address Table.
Update on evasion and unhooking.
SPECIAL GUEST: Intro to Cobalt Strike Artifact Kit: Let's add some basic evasion capabilities for our Beacons. Presented by István Tóth aka @an0n_r0
SPECIAL GUEST: ETW, more position independent shellcode and BRc4 @NinjaParanoid
Using mailslot instead of namedpipe to hide from EDRs. IRP_MJ_CREATE_NAMED_PIPE vs IRP_MJ_CREATE_MAILSLOT. ETW Provider attack to stop feeding at the source.
The mystery of DLL side loading. Demystifying how to do it properly.
Building your C2 introduction to preludesecurity.com
Reflective DLL Loading.
SPECIAL GUEST: Meterpreter's Railgun presented by @zerosteiner the lead developer of the Metasploit Framework at Rapid7.
The case of TrustedInstaller and some EDRs tricks.
MsBuild payload obfuscations and tricks.
SPECIAL GUEST: Obfuscation with NIM and NIM packer presented

by @ShitSecure
Building obfuscation framework to automate the obfuscation process in C#.
Hunting for other SMB hash leakage vectors.
Killchain for ATP/MDE: firewall, elevate, registry key manipulation all in C.
Implementing your own GetProcAddress and LoadLibrary as part of your loader by parsing the PEB.
How to Get Started using Jenkins for CI/CD - For Offense & Defense. Presented by Jake.
RPC R&D style using impacket and MSDN documentation.
The core concept of our C2 written in C#.
C# invisible Cobalt Strike beacon in memory.
Building your C2 in .Net core part 1.
Building your C2 in .Net core part 2.
Building your C2 in .Net core part 3.
Getting Started with Continuous Security Testing with preludesecurity.com. This session will introduce new concepts and technologies for continuous security testing.
Building your C2 in .Net core part 4.
Building your C2 in .Net core part 5.
Building your C2 in .Net core part 6.
Building your C2 in .Net core part 7.
Building your C2 in .Net core part 8.
MSIL CIL obfuscation in C#. Obfuscating your code a level below.
Adding features to our C2 such as payload obfuscation at rest and new handlers. Switch case obfuscation trick preview.
Browser is the new LSASS part 1. Getting the master key.
Browser is the new LSASS part 2. Getting the cookie file.
Browser is the new LSASS part 3 .Getting the key remotely.
Phishing vectors in 2023. Getting code execution on the target.
Phishing vectors in 2023 part 2. Code obfuscation at rest.
Santa secret sauce: phishing trick to pass reputation and hide your final payload. Special guest: Eqw5
Special guest: Waldo-IRC present Introduction to thoughtful and simple debugging.
Red teaming and reconnaissance: Building your own C# utility to query LDAP.
Azure for red team: Token manipulation and the device code phishing.
Special guest: Kumo is presenting devops for red teamers.
Initial access: all the techniques we covered and what is efficient against EDRs.
Cobalt Strike and modern EDR evasion. The importance of BOF, avoiding Fork & Run and namedpipe.
C obfuscation using assembly and compiler shenanigans.
Evading EDRs and HoneyPots. What you need to evade them? Learning about EDRs and HoneyPots capabiliti