SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also contains its own custom disassembler, with many innovative features, ...
GitHub URL: https://github.com/Bw3ll/sharem; Description: Shellcode can be cryptic, especially when encoded. Understanding its functionality is not ...
In a previous post we provided some background on the !exploitable Crash Analyzer which was released earlier this year. One of the things that we didn’t mention is that !exploitable is just one of the ...
Abstract: An important method to detect intrusion is to identify attack codes such as shellcode. However, the popular simulation methods seriously slow down the efficiency, while static detection ...
Remote code injection attacks against network services remain one of the most effective and widely used exploitation methods for malware propagation. In this paper, we present a study of more than 1.2 ...
Abstract: Adaptive Security Mechanisms (ASMs) are vital in the era of Cloud Computing (CC) for handling Evolving Threats (ETs). Nevertheless, none of the existing works concentrated on examining the ...
Cybersecurity researchers are warning of a new phishing campaign that's targeting users in Taiwan with malware families such as HoldingHands RAT and Gh0stCringe. The activity is part of a broader ...