Hello captain! I am trying to get into malware analysis as a career but I feel malware development should be learnt first for a good analysis career. What's your take on malware development (maldev academy)? They are teaching C and internals as well.
@OffByOneSecurity 1 year ago
I haven't looked at maldev academy. That sounds great though, if they are teaching C fundamentals and OS internals. Those are of course critical to both malware analysis and exploit dev. There are certainly similarities and overlap between the two focus areas, but they are also very different. It's fun to pivot back and forth between the two.
@kenny-ze8eg 8 months ago
I've been trying to learn everything possible to fix my systems after being hit with ransomware. After the place my providers told me to take my devices to said "fixed" my Chromebook. But only put an enterprise version of ChromeOS. I also switched emails and tried recovering my old email to save my kids' pictures, so I try finding a tool to fix my Windows PCs, but only having ChromeOS Linux. Then I look up how to run it on Windows. Thinking it would run the Windows prompt where it asks "do u want to trust this program" it asked if I was doing it as root. And hollyyy crap. Now I can't seem to get nobody to believe a word I say about it. But the hash file of the program says it doesn't match. I do understand I made mistakes that were pretty dumb. But if they took into consideration on "why" I was watching the videos step by step is bc I had a massive head injury when I was younger messing up my frontal cortex. But I also had found a wireshark network and bunch of other crap where I was basically screwed any way I turn. Now I'm just trying to consume info and know it 100% so I don't make what's worse than screwed up. Even worse. Also found a 3rd party app under a weird name (Sorry for the long comment, a lot to consume)
@OffByOneSecurity 7 months ago
I wish you the best. Sounds like quite the challenging situation. Best of luck to you.
@kenny-ze8eg 7 months ago
@OffByOneSecurity yeah it's quite insane, but I wish the research community would help me get through this. Because if they would hear my full story. Idk if you heard about the xz backdoor thing. But if you compare my story to how the function of the backdoor worked. And compare my story. About the open-source tool. The mistake of running it as root on accident after being manipulated with KZbin results after the original ransomware. Then how the Jia Tan account was made around the same time I was compromised. And when I ran that tool holy shit man. And now this 3rd party app on my phone under "project-numbers" and on my Chromebook there is an excluded file path that's like. Node\|/.git\|/project\|/idea\|/bowers\|/modules. And basically if they took all my story and the videos explaining the xz backdoor and that story. That binary blob that was committed was "maybe???" That tool I got manipulated into running as root. I'm not 1000% sure. But I've been reporting and trying to fix my mistake, and plus track down that prick by figuring out who this wireshark network is registered to.
@0xkhaotic 1 year ago
Dang. I missed the stream. Normally earlier in the day