Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

742 Excellent

About betweengap

  • Rank

Recent Profile Visitors

128 profile views
  1. ptrace advanced software exploitation is very old; there is one type confusion in java runtime and a info leak in firefox (vulns are around 2010-2011) as for driver/kernel exploitation, you probably can learn a lot by reading HEVD write-ups; patch diffing is also a good way to spot vulns; I'm in very similar situation like you (lack of modern public exploitation document/tutorial); the only way I know is to read AWE prep guides[1][2] and practice based on them; the other option is to look for logical vulns[3]. they are way way more easy to understand and find; you can DM me and we will talk about it more; sharing useful links/tutorials/documents and ... [1]: [Hidden Content] [2]: [Hidden Content] [3]: [Hidden Content]
  2. I'm sorry for that and I will keep telling people about not exchanging/selling/sharing it; please back the blog about modern exploitation - Microsoft Edge - CFG-ACG - Sandbox Escape, .. other people in Exploit Dev world seem to not like publish tutorials about modern exploitation; there are certainly people that started your tutorial series back in 2009-2012(exactly when you started writing) and they are people that took your "Advanced Training"; but please tell me one new|modern series about exploitation!! I know that most red teams don't use exploits in their tradecrafts but there are individuals just like me that like exploitation;
  3. it seems we will have good year
  4. I've shared this long time ago; but it seems nobody have downloaded it; [hide][Hidden Content]]
  5. basically this guy is selling/exchanging courses;
  6. keep this up there is online training; maybe we get something from it
  7. based on 2017 version of 610 (uploaded). the course main focus is on behaviour analysis, which is what you do in 80% cases as malware analyst; but sometimes you need to dig deeper; (write scrip to deobfuscate strings - write script to comment run-time loaded API Calls; see this: [Hidden Content] if you are supposed to have Certificate to get job, then go for it. side effect of taking 610 is you will join sans forum on DFIR, which is good way to show your skills, expand your network, etc in general, take a look at other courses/materials out there: OALabs (free) - Zero2Auto (paid) - MalwareUnicorn RE 102 Workshop (free), ... I"m not professional, but these are my opinion on it; It may be wrong; also there was a discussion on reddit on certificates/courses on Malware Analysis; they talk about 610 too; at the end, read this: [Hidden Content]
  8. It's by far the worst malware analysis course that I have seen go for vitali kremez course
  9. on reply to a idiot seller, here is the Embedded/IoT Linux for Red-Blue Teams: [Hidden Content] Open Source Intelligence Techniques - 7th Edition (2019) [Hidden Content]
  10. be sure that I will share them when I get one of the these courses: Advanced Fuzzing and Crash Analysis Zero 2 Automated Adversary Simulation and Red Team Tactics by MDsec
  11. Fuzzing for Software Security Testing and Quality Assurance, Second Edition Malware Analysis and Detection Engineering Professional Rootkits Secure Coding in C and C++ Surreptitious Software: Obfuscation, Watermarking, and Tamper proofing [Hidden Content] I also have the followings: SEC760: Advanced Exploit Development for Penetration Testers - 2019 - FULL Open Source Intelligence Techniques - 7th Edition (2019) Embedded/IoT Linux for Red-Blue Teams Dark Side Ops: Malware Dev Dark Side Ops 2: Adversary Simulation code - I will support you if you have any question regarding codes Ex: how they work, improvements- be aware that it's only the code of course 1 Day To Forensics Mastery 2.0 Exploit Development Student - FULL Proof of some of them: [Hidden Content] Advanced Fuzzing and Crash Analysis Zero 2 Automated Adversary Simulation and Red Team Tactics by MDsec after I got one of the above course, I will upload mine (course/books) to your desired upload center
  12. @rawr1 can you re-upload the contents?
  • Create New...