The Hacker News

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...
The Hacker News

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

Researchers found Chinese-linked attackers abused SonicWall VPN access and VMware ESXi zero-day flaws to escape VMs and gain ...

VMware ESXi zero-days likely exploited a year before disclosure

Chinese-speaking threat actors used a compromised SonicWall VPN appliance to deliver a VMware ESXi exploit toolkit that seems to have been developed more than a year before the targeted ...
IEEE

Identification of Arbitrary Length Shellcode for the Intel x64 Architecture as a NOP Sled

Abstract: A NOP (no-operation) sled is used as part of binary exploitation code to provide flexibility for exploitation accuracy and evade signatures before and after the exploitation has occurred and ...
TechBooky

How Hackers Spread RAT Malware via DLL Sideloading in LinkedIn Messages

Researchers studying cybersecurity have discovered a new and sophisticated phishing effort that spreads dangerous payloads ...
GitHub

Example of run-time manual PLT in C.

TL;DR: Write a C program that calls libc functions, compile it to a shellcode, load it in memory. Featuring function scraping from ELF as "procedure linkage", code & compilation tricks, and more. If ...
GitHub

Real fucking shellcode encryptor & obfuscator.

Supernova is an open-source tool that empowers users to securely encrypt and/or obfuscate their raw shellcode. Supernova supports various features beyond those typically found in a common shellcode ...