Posts

Showing posts from March, 2017

New 2017 Shellcode | Titles -- Link Direct to Code

I've compiled a list of the most current shellcodes and linked each directly to its raw code. I am providing this list for analytical purposes to those who may be interested. Enjoy and use responsibly... Windows x64 password protected bind shellcode. Windows x64 CreateRemoteThread() DLL injection shellcode. Linux/x86_x64 mkdir("ajit", 755) shellcode. Linux/x86_64 shellcode that binds to TCP/5600. Linux/x86_64 execve /bin/sh shellcode. Linux multi/dual mode execve("/bin/sh", NULL, 0) shellcode. Linux multi/dual mode reverse shell shellcode. Linux/x86 reverse TCP alphanumeric staged shellcode. Linux dual / multi mode bind shell shellcode. Windows x86 protect process shellcode. Linux reverse shell shellcode. Linux x86-64 egghunter shellcode. Linux x86_64 random listener. Windows x86 executable directory search shellcode. RSA Asymmetric Polymorphic Shellcode. Windows x86 reverse TCP staged alphanumeric shellcode. Linux x86_64 polymorphic setui

Various 'must have' Online Tools for Sec, pt 1

There are two updates to this post (seen in white)... UPDATE: another good online static malware analysis tool we all know and love is back up and running. Based on the Cuckoo Sandbox: ~] Malwr.com [~ There are many tricks and trade secrets that we (or anyone within cybersec) just don't share. We have decided that some online tools are just too good to keep a secret. If they are kept secret, they aren't around for long; it's a kind of respect thing. I have another shortlist of very handy online tools at the bottom of our most recent reversing and analysis post, ~] decoding a malicious webshell [~. These play a big part in our processes and are used several times daily. Some of these below you may be familiar with, or not, or maybe even use already. If not, you should commit them to memory. Trust us, these will always come in handy. This is only a shortlist; we will add more/update as appropriate. The first you hopefully are quite familiar with, if you are not using this religious

A Stego' trend, and everyone is in on this one

Circa late '16, I was studying the "PHP" language (amongst others) and reviewing some case studies from a large infiltration and widespread takeover spanning several large-scale providers that offered blogs, free pages, social accounts, etc. I'm leaving the names out but will give reference to the friendly name given: the infamous SEO Attacks. Steganography is nothing new, and I'm not reinventing the wheel here, but after over 3 months of work last year and countless deep dives... I see this has gotten way out of hand for EVERY side that's using the technology. Just look at the wiki dumps from last week... If after you read this you're still not convinced of the scale, leave a comment and I can take you a bit deeper down the rabbit hole. I'm not a (conspiracy) theorist; I don't post a word unless I can back it up. I'm not a whistleblower, not considered good nor bad. Only da3m0n s3c, and this is FYI. I combed through dozens of writeups, mostly by reputabl