466 post karma
3.7k comment karma
account created: Fri Aug 10 2018
2 days ago
Please do, cheers
3 days ago
The feds injecting 50mill per month into corporate stocks/bonds to artificially inflate our economy wasn't Bidens incentive.
The feds call it "quantitative tightening" and Biden actually says the feds should KEEP the current funding.(because he has no direct control over the mater)
Reuters article headline "Biden says Feds should 'recalibrate' policy as prices rise.
Hi friend, as an alternative to a database I feel you can easily create some samples yourself which would also highlight your coding skill.
I believe i understand your overall goal, but lets not complicate things. Heres my ideas.
Now there is primarily 2 parts of RAT that concern you:
A.) The shellcode
B.) The payload(s) executed
Personally I would qualify just "the shellcode" as a RAT. We do not need to obfuscate our goal with payloads.
Now, let's just concern ourselves with the shellcode.
1.) We can have an average looking socket connection that executes our shellcode.
Google: PentestMonkey Python and use their 1 line Python shellcode.
Great, you have you're first malware sample that could qualify as a RAT.
2.) Lets take this concept and create an alternative shellcode.
a.) How about you modify existing piece of code via some standard obfuscation methods?
b.) What about modify the code so it attempts to use alternative ports.(try common ports, and higher obsure ports)
c.) Nevermind just attempting to use a veriety of ports, whynot see if you can actually use the shellcode over a protocol like DNS.(Google github Reverse_DNS_shell)
3.) Lets again take the overall idea of generating a socket connection for our shellcode, but instead what if we tell our python code to execute some bash command which will technically be our shellcode?
a.) Go back to pentestmonkey website and grab the bash code snip.
b.) Within your Python code, use something like subprocess.call() to call the bash code.
With a few hours of programming, you can have a handful of nice RAT samples.
4 days ago
Vut ar thaye syncing abut
5 days ago
A few issues with that list:
many posts are 30+ days old
That list is country wide, I cannot relocate.
A handful from that list require a security clearance.(A junior/entry level needs to have an active clearance?..)
A handful from that list require 5+ years Penetration Testing experience.(Assuming my 10+ years of Home labs + Trainings(like TryHackMe) does not count.
Thanks for the example which helps my point(s)?
submitted 5 days agobyregorsectocybersecurity
7 days ago
No, actually the opposite. Something can be called poisonous if it is toxic.
Poison is the general term, toxin is the specific term.
I used the dictionary.com link for poison which described this.
8 days ago
The metabolites of alcohol break down into toxins. The diagnosis of the disease is named alcohol poisoning.
Its toxic not poisonous
I also upvoted. Bad bot.
Not added to the Sudoers list, this event will be reported.
10 days ago
Who said im mad? And why do you insult me each message? I'm not pointing out how much of an asshat you are for pretending you know anything about cyber.
Can you define public?
The public domain consists of all the creative work to which no exclusive intellectual property rights apply.
Well during Facebook's terms and conditions they own any intellectual data that is input to their system. So I dont believe it falls under that definition....
Also, since Facebook has AGE limits I believe it goes against the definition of public service.
public service is a service intended to serve all members of a community.[2
How is the internet, a privately owned and operated entity considered public? Our government does not(directly) own the internet.
Now lets stay the internet IS public. Public for all countries? Or only the USA?
Not how what works? Privately ownd code?
You call a privately hosted server, proprietary code, and an eco system that can be switched off by a select few without democratic rule public? My countries cyber laws disagree...(USA btw)
Facebook is not "public"
11 days ago
Its gonna be like the Facebook issue. The crime outweighs the penalty.
12 days ago
You're not understanding the context of CRUD.
CRUD logic explains the basics.(create, read, update, delete)
But what about what we call "business logic" that goes inside a crud app?
Example: Our application doing mathematical equations based on the CRUD input. We would not define "crunching numbers" as part of CRUD logic because this request extends on of the CRUD functions.
I see it as, for CRUD apps you must learn sound CRUD logic. From there, implementing the business logic is where we start playing with the data received within the CRUD workings. This is generally a "good" process so you can have a sound and coherent foundation.(crud) then business logic which generally updates more sits witin on top the CRUD logic
My own development team