Hopefully they make enough from this to help cover the donation interruption More on reddit.com

Thanks to vx underground we have a complete backup from June 2024 on https://infocon.org in the mirrors directory. It’s available at a torrent as well, about 6+ TB in size. A great resource, thanks Smelly! More on reddit.com

Focus on what interests you and start building it out rather than focusing on reading papers. You will have no shortage of material to read when you are going through a detailed blog post and building something based on the information. It is really helpful to do, especially when source code is provided alongside the article so you can check your work or just play with it. You should always be using a VM and take advantage of the snapshot feature to roll back when you inevitably fuck something up (it happens to all of us). Your VM is your lab setting to test things without worrying about breaking your computer. Snapshots allow you to roll back if something breaks. FlareVM is what I use for MalDev on Windows. It really depends on your level of experience with a particular platform where you should start. Using Windows as an example, you would want to understand executable type files to learn the answer to questions such as: what are the file extensions that can execute code? what is an exe? what is a dll? how does an exe load dlls? what is a batch file and how does it work? what is a powershell script and how does it work? what other options do I have for scripting, downloading and executing code? What tooling exists on the OS that can be helpful such as: Cmd, Powershell mshta.exe -> what is an hta file and how does it work? Bonus: what is a chm file, what loads it, and how does it work? What executable files already exist (living off the land) that can initiate a download or decode base64 for me? (certutil, lolbins, lolbas) Where do things automatically start such as: Startup folder Scheduled tasks (like cron jobs) Registry CurrentVersion\Run key What the registry is and how it works: What is the difference between HKLM and HKCU? Where can I find the settings for a scheduled task? Where can I add/remove startup entries? Where can I see the settings for background services? When you understand stuff like this, it is much easier to build software to use those features to your advantage. You get this understanding through spending time using the OS and practicing what you learn about. Learning a technique without understanding the underlying functionality will limit you greatly, so it's important to learn how something works in the first place if you want to subvert and abuse it effectively. That's not to say you have to take a deep dive into OS internals to comprehend the important parts of an exploit, but you should have a grasp on how it works enough to give a rough overview if you were in a position to have to explain it. I strongly recommend MalDevAcademy and a somewhat related youtube channel called Cr0w Academy, as well as the discord linked in his video descriptions. Lsecqt is another solid youtube channel that is beginner-friendly and also has a Discord with some talented people in it. Vx-Underground has a Red Team Discord server that I pop into to answer questions from time to time, I do the same in the others I mentioned. None of these places have a shortage of idiots who get dismissed, ignored, or fucked with because they ask stupid questions. The best advice I can give you is to leverage the community with this caveat: the community will help you, but not if you ask stupid questions or are obviously trying to do blackhat shit like spreading or asking stuff like "How do I get past Defender?" with no other context. Do your research on a topic, learn about it, and ask based on that. The gist of being someone who always gets answers is not asking a question easily answered with a simple Google search or asking ChatGPT - instead use your searches and research as a jumping off point to ask a more targeted question. Most of the papers on Vx-Underground are intermediate to advanced if I had to put a label on them. You are better off with MalDevAcademy and the youtube channel resources I posted above. This is not really a beginner-friendly topic as a whole if you don't understand the OS you are attacking, so keep that in mind. You may want to consider looking into some blue team resources to gain a better understanding of the OS. TryHackMe is a decent resource for that and you can use the topics they cover to expand your knowledge beyond the course by Googling, using ChatGPT, or asking people in the community for more information about whatever the course covers. Thank you for coming to my TED talk. More on reddit.com

Focus on what interests you and start building it out rather than focusing on reading papers. You will have no shortage of material to read when you are going through a detailed blog post and building something based on the information. It is really helpful to do, especially when source code is provided alongside the article so you can check your work or just play with it. You should always be using a VM and take advantage of the snapshot feature to roll back when you inevitably fuck something up (it happens to all of us). Your VM is your lab setting to test things without worrying about breaking your computer. Snapshots allow you to roll back if something breaks. FlareVM is what I use for MalDev on Windows. It really depends on your level of experience with a particular platform where you should start. Using Windows as an example, you would want to understand executable type files to learn the answer to questions such as: what are the file extensions that can execute code? what is an exe? what is a dll? how does an exe load dlls? what is a batch file and how does it work? what is a powershell script and how does it work? what other options do I have for scripting, downloading and executing code? What tooling exists on the OS that can be helpful such as: Cmd, Powershell mshta.exe -> what is an hta file and how does it work? Bonus: what is a chm file, what loads it, and how does it work? What executable files already exist (living off the land) that can initiate a download or decode base64 for me? (certutil, lolbins, lolbas) Where do things automatically start such as: Startup folder Scheduled tasks (like cron jobs) Registry CurrentVersion\Run key What the registry is and how it works: What is the difference between HKLM and HKCU? Where can I find the settings for a scheduled task? Where can I add/remove startup entries? Where can I see the settings for background services? When you understand stuff like this, it is much easier to build software to use those features to your advantage. You get this understanding through spending time using the OS and practicing what you learn about. Learning a technique without understanding the underlying functionality will limit you greatly, so it's important to learn how something works in the first place if you want to subvert and abuse it effectively. That's not to say you have to take a deep dive into OS internals to comprehend the important parts of an exploit, but you should have a grasp on how it works enough to give a rough overview if you were in a position to have to explain it. I strongly recommend MalDevAcademy and a somewhat related youtube channel called Cr0w Academy, as well as the discord linked in his video descriptions. Lsecqt is another solid youtube channel that is beginner-friendly and also has a Discord with some talented people in it. Vx-Underground has a Red Team Discord server that I pop into to answer questions from time to time, I do the same in the others I mentioned. None of these places have a shortage of idiots who get dismissed, ignored, or fucked with because they ask stupid questions. The best advice I can give you is to leverage the community with this caveat: the community will help you, but not if you ask stupid questions or are obviously trying to do blackhat shit like spreading or asking stuff like "How do I get past Defender?" with no other context. Do your research on a topic, learn about it, and ask based on that. The gist of being someone who always gets answers is not asking a question easily answered with a simple Google search or asking ChatGPT - instead use your searches and research as a jumping off point to ask a more targeted question. Most of the papers on Vx-Underground are intermediate to advanced if I had to put a label on them. You are better off with MalDevAcademy and the youtube channel resources I posted above. This is not really a beginner-friendly topic as a whole if you don't understand the OS you are attacking, so keep that in mind. You may want to consider looking into some blue team resources to gain a better understanding of the OS. TryHackMe is a decent resource for that and you can use the topics they cover to expand your knowledge beyond the course by Googling, using ChatGPT, or asking people in the community for more information about whatever the course covers. Thank you for coming to my TED talk. More on reddit.com