0xReverse
@0xreversecom
Security Research Group
Joined November 2024
pyinjector-rs / A Windows process injector written in Rust that injects and executes Python code. Thanks to @luminaryxd for giving me the idea. I think this project can be used in some things that use PYTHON RUNTIME.😄 https://t.co/bWrpr9bnoN
github.com
A Windows process injector written in Rust that injects and executes Python codes - rhotav/pyinjector-rs
🔥 Understanding Windows ~ DSE Mechanism & Abusing ETW by @0xdr4f3rt
https://t.co/p4rasTRMtQ
0xreverse.com
Introduction In this article, I will discuss the details of the Driver Signature Enforcement Policy and Event Tracing for Windows mechanisms, which play an important role on the Windows side for...
An advanced parser that can be used to parse .NET assemblies. It can be used for many tasks such as Config Extractor, Assembly Analysis by @rhotav
dnpy - A Python library for reading .NET assemblies. It's not finished yet, but its current state is sufficient for many tasks. Using only dnpy (without needing another project), you can parse a .NET assembly, iterate through its methods, and read its instructions.
Its ability to bypass EDR/XDR systems and impact banks, ISPs, and mid-level organizations in Türkiye underscores the need for on-premises sandboxes, supported by https://t.co/PyuPW9hw42's hypervisor-based approach, which offers deeper malware visibility than cloud-based
threat.zone
Threat.Zone is a hypervisor-powered agentless malware analysis platform with dynamic sandboxing, deep network insights, and cloud or on-premise deployment.
The malware employs a three-stage loader, including TOR for anonymous C&C communication and persistence via scheduled tasks. 🧵 (2/3)
🔥 Tracing and Manipulating Anti-Analysis Techniques with DynamoRIO by @rhotav
https://t.co/MirjZd3xmp
0xreverse.com
This is a post of mine from an old blog (vx.zone). It has been revised again just for 0xReverse. Introduction In this blog post, I’ll explain how to trace and manipulate a program with DynamoRIO....
🔥 Analysis of CVE-2024-38063 - Exploiting The Kernel Via IPv6 by @0xdr4f3rt
https://t.co/X1z5faHaMb
0xreverse.com
Introduction In this article, we will analyze the zero-click Windows TCP/IP RCE (CVE-2024-38063) vulnerability published by Microsoft on August 13, 2024. This vulnerability is caused by unsafe...
🔥 Understanding Alcatraz ~ Obfuscator Analysis by @rhotav
- Analysis of Alcatraz Passes with IDA
- OEP Finder with @qiling_io
- Scripting with IDAPython
https://t.co/LK1fWopYDa
0xreverse.com
Introduction Binary-to-binary (bin2bin) obfuscators, which are frequently preferred by both malware developers and users seeking to protect their source code, are making the work of malware analysts...