Skip to content
  • YouTube
  • TikTok
  • Twitter
  • Instagram

MalwareTech

Everything Cyber Security

  • Sponsors
  • Speaking
  • Content
    • Podcast
    • Challenges
  • Contact
For Beginners Videos Vulnerability Research

[Video] Introduction to Use-After-Free Vulnerabilities | UserAfterFree Challenge Walkthrough (Part: 1)

May 3, 2022May 3, 2022

An introduction to Use-After-Free exploitation and walking through one of my old challenges. Challenge Info: https://www.malwaretech.com/challenges/windows-exploitation/user-after-free-1-0 Download Link: https://malwaretech.com/downloads/challenges/UserAfterFree2.0.rar Password: MalwareTech

Read More
Videos Vulnerability Research

[Video] Exploiting Windows RPC – CVE-2022-26809 Explained | Patch Analysis

April 23, 2022May 3, 2022

Walking through my process of how I use patch analysis and reverse engineering to find vulnerabilities, then evaluate the risk and exploitability of bugs.

Read More
Opinions

An in-depth look at hacking back, active defense, and cyber letters of marque

November 17, 2021

There has been much discussion in cyber security about the possibility of enabling the private sector to engage in active cyber defense, or colloquially “hacking

Read More
Vulnerability Research

How I Found My First Ever ZeroDay (In RDP)

December 31, 2020January 1, 2021

Up until recently, I’d never tried the bug hunting part of vulnerability research. I’ve been reverse engineering Windows malware for over a decade, and I’d

Read More
Vulnerability Research

BlueKeep: A Journey from DoS to RCE (CVE-2019-0708)

September 6, 2019September 7, 2019

Due to the serious risk of a BlueKeep based worm, I’ve held back this write-up to avoid advancing the timeline. Now that a proof-of-concept for

Read More
Vulnerability Research

DejaBlue: Analyzing a RDP Heap Overflow

August 19, 2019August 20, 2019

In August 2019 Microsoft announced it had patched a collection of RDP bugs, two of which were wormable. The wormable bugs, CVE-2019-1181 & CVE-2019-1182 affect

Read More
Opinions

YouTube’s Policy on Hacking Tutorials is Problematic

July 3, 2019July 5, 2019

Recently YouTube changed its policy on “hacking” tutorials to an essential blanket ban. In the past, such content was occasionally removed under YouTube’s broad “Harmful

Read More
Vulnerability Research

Analysis of CVE-2019-0708 (BlueKeep)

May 31, 2019September 11, 2019

I held back this write-up until a proof of concept (PoC) was publicly available, as not to cause any harm. Now that there are multiple

Read More
Vulnerability Research

Analysis of a VB Script Heap Overflow (CVE-2019-0666)

April 2, 2019April 3, 2019

Anyone who uses RegEx knows how easy it is to shoot yourself in the foot; but, is it possible to write RegEx so badly that

Read More
Reverse Engineering

Video: First Look at Ghidra (NSA Reverse Engineering Tool)

March 6, 2019March 6, 2019

Today during RSA Conference, the National Security Agency release their much hyped Ghidra reverse engineering toolkit. Described as  “A software reverse engineering (SRE) suite of

Read More

Posts navigation

1 2 … 11 Next

  • Twitter

  • Youtube

  • Twitch

  • Discord

  • Instagram

  • RSS
  • Donations




    Categories

    • For Beginners
    • Hacking
    • Malware Analysis
    • News
    • Opinions
    • Personal Stories
    • Reverse Engineering
    • Threat Intelligence
    • Uncategorized
    • Videos
    • Vulnerability Research
    Copyright MalwareTech 2022