How Hackers Hide From Memory Scanners

Views: 59,256

John Hammond

Comments: 62
@felixkiprop48 11 months ago
John, the best in advert, love that voice change.
@maalikserebryakov 11 months ago
TECHNIQUES OF HIDING IN MEMORY 1 - Encrypting the Payload until Action
@reconmaster907 11 months ago
He has upped his thumbnail game. Cool.
@ME-L3U 11 months ago
I got Watch_Dogs vibes, absolutely awesome art style.
@xeaudg 11 months ago
John Hammond: Answering the question "What would it look like if Seth Rogen were to suddenly become a CyberSecurity professional...?" LOL. Mr. Hammond: you are a security superstar! Keep up the good work!
@Jhern4nd3z516 11 months ago
Bring back the malware reverse engineering videos 🥺
@DragonFistLeeMontage 11 months ago
I’ve been in IT for 10 years, and every time I watch one of your videos, I realize I need another 10 years of practice at least.. 😂 Keep up the good work
@user-fc1ep2xy7k 11 months ago
Same here man... Been a software engineer for 8-9 years and I just realized how many things I don't know
@Darkregen9545 11 months ago
The amount of things hackers can do is crazy.
@cygmoid 11 months ago
Yeah, like they know multiple ways to inject shellcode even if you close down one trick. Pretty crazy
@DanniDuck 11 months ago
@@cygmoid It's not too hard to prevent if you really think about it. You should first implement a memory hasher that can detect when memory gets changed after you make any hooks you have. You can hook functions such as LoadLibrary too. After that, you should scan for any RX allocations, which would indicate manual map. You can make manual mapping even harder by hooking thread creation functions, e.g. BaseThreadInitThunk, but a common workaround for this is to create a suspended thread with a valid address, then change it and resume it, so make sure you check that as well. The most important protection is a hard-to-figure-out memory hashing system that checks itself and must be running.
@seansingh4421 11 months ago
Actually it can become very easy to spot if you have Eventlog forwarding and parsing; couple that with Suricata network logging and it becomes very difficult for a hacker to hide.
@DanniDuck 11 months ago
@@seansingh4421 What? This video isn't about network security, it's about application security.
@seansingh4421 11 months ago
@@DanniDuck Which go hand in hand, my friend. Syslog or Eventlogs tell you everything, not just network stuff
@stanislavsmetanin1307 4 months ago
As always - great material. Thx.
@shadrachwilson1211 11 months ago
Great content. This got me scratching my head
@JeffNoel 11 months ago
I've been seeing many similar websites offering courses and certifications for exploit development, but I have no idea which one is really worth it... Maldev's syllabus seems impressive, but I'm curious how they stack up against better known certs like OSED. Super cool to be able to see part of a module with you in this video :)
@Yahelj6 11 months ago
It's not Exploit Development, it's Malware Development
@senseiSinclair 11 months ago
Maldev Academy looks similar to Hack The Box Academy to me. Cool video.
@senseiSinclair 11 months ago
@@lumikarhu Yeah, visually looks like a similar format.
@m3sm4r2010 11 months ago
Great video sir, well done
@Frozlie1 11 months ago
really enjoy your content, thanks!
@0oNoiseo0 11 months ago
Interesting to dive more into. Thank u!
@georgehammond867 11 months ago
How to learn basic programming in C/CPP before exploit dev courses?
@nittani. 11 months ago
I love this guy, he's good looking too
@marveII0us 11 months ago
Binders/Crypters?
@Bair994 7 months ago
Tried to access the sign you linked and was blocked from Maldev, probably because of a VPN? Idk, not turning it off to access a Cyber Sec site, that's asking for trouble.
@K03KK03K 11 months ago
Nice one! Thanks!
@stickman2003 10 months ago
Evil ChatGPT update !!
@h4ckh3lp 11 months ago
Bravo, sir.
@gunnerysergeant8889 11 months ago
I signed up for the course. It's not for beginners. It has a very steep learning curve of "C". I do think it is great knowledge but def not for beginners. You do make it sound AWESOME though... in fact, sorry, I watched your video and just instantly enrolled. THEN I saw you had a code. I just wish the course had videos like the ones you are actually doing. It really helps me fill in the blanks for the things I am not understanding. Sadly the course has over 100 modules between course & updates (do I follow the course or do I follow the updates)... videos would be nice... at least to get out of the beginner section.
@nordgaren2358 11 months ago
Follow the courses, first. Start from the beginning. Then do the updates.
@daljeetbhati8353 10 months ago
Can you share the course?
@abdullahkhan_9876 11 months ago
Hi! I'd love to see a video on how hackers bypass av/anti-virus
@ChristopherBruns-o7o 8 months ago
Videos and combining wordlist/brute-force/enumeration with nlp. Like if someone wanted to dynamically enumerate language but when grounded. 10:38 Is this how ChatGPT and other LLM are stateless but still able to leverage things like a text embedding maybe? 11:23 This is terrible
@mudi2000a 11 months ago
How can I learn about those topics without shelling out a lot of bucks?
@hypedz1495 9 months ago
Maldev Academy looks super expensive.
@zach115th 11 months ago
Does the lifetime purchase cover all the modules or just one?
@oratilemoagi9764 11 months ago
Hey, can I ask: if your videos get removed or banned, where else can I watch them?
@stanislavsmetanin1307 11 months ago
Fantastic ))
@SwineTech 11 months ago
A real hacker won't use already developed programs.. lol 😮
@activelearner9924 6 months ago
can i use on my personal pc to detect sir??
@sanathkumar1006 11 months ago
I doubt EDR would have picked it up when mimikatz was extracting NTLM even though it was a fraction of a sec
@nordgaren2358 11 months ago
Defender won't even let you put mimikatz on your PC.
@nordgaren2358 11 months ago
You MAY be able to get it, but as soon as you run it, it's gone. If you leave it, Defender will find and zap it in a scan, eventually.
@sanathkumar1006 10 months ago
@@nordgaren2358 Yeah true
@bilalaniq7770 11 months ago
plz tell me how to bypass win defender
@popeyehacks 10 months ago
I want that exe
@haroldsmith768 11 months ago
Why do people type so much just to be nosey
@creativeyes3292 11 months ago
That thumbnail is hella cringe
@kenzyflash 11 months ago
first to comment and a nice video
@iamwitchergeraltofrivia9670 10 months ago
Hahahh visual studio you hack easy to hack hahahhaahav
@DFPercush 11 months ago
Very clever, tricksy hobbitses... now someone needs to make a real time scanner that will scan any new executable page being loaded. Invalidate and page out when protection flags change. Might impact the performance of JIT apps though.
@cybercat2025 11 months ago
You people have a life?
@Oregoncoast30 11 months ago
Yes. A fun cybersecurity / infosec life. It's cool stuff and fun to delve into.
@maalikserebryakov 11 months ago
no life below 3 PSL :(
@maalikserebryakov 11 months ago
@@Oregoncoast30 Reddit moment