blog.fahhem.com
Posts and writings by Fahrzin Hemmati

cybergibbons.com
Last time we looked at using the SWD interface of an STM32 ARM chip. This isn't the only way we can interact with this device though. It also contains a serial interface on the bootloader tha...

prog.world
[AI summary] The article discusses the use of Intel Processor Trace (PT) technology to capture code traces from the System Management Mode (SMM) in a computer's BIOS. The authors detail the process of creating a backdoor to access SMM, modifying the SMI dispatcher to redirect execution to a custom shellcode, and using tools like WinIPT and ptxed to analyze the trace data. They also mention challenges such as synchronization issues and the need for cross-platform compatibility, and conclude that this method provides an efficient way to investigate SMM code for vulnerabilities.

forensicitguy.github.io
In this post I want to take a look at a PowerShell-based Cobalt Strike beacon that appeared on MalwareBazaar. This particular beacon is representative of most PowerShell Cobalt Strike activity I see in the wild during my day job. The beacons often show up as service persistence during incidents or during other post-exploitation activity. If you want to follow along at home, the sample I'm using is here: