filmov
tv
What are TLS Callbacks and How to Find Them!
Показать описание
We continue to explore the PE file format in this video by investigating TLS (thread local storage) callbacks.
🔥 Join this channel to get access to perks:
TLS callbacks are used by malware authors to execute code before the main entry point of the program. This technique is primarily used as an anti-debugging technique, allowing malware to execute before the debugger takes control at the programs entry. How prevalent is this technique still? We'll explore that as well in this video using Yara, as well as use MalCat and 010 editor to look at the internal structures of a PE file that support TLS callbacks.
Cybersecurity, reverse engineering, malware analysis and ethical hacking content!
🌶️ YouTube 👉🏻 Like, Comment & Subscribe!
1:30 Definition of TLS on MSDN
2:58 TLS Structure Definition
3:48 Our Sample Program
5:27 Identifying TLS Callbacks in 010
7:40 Finding the First Callback in 010
10:00 TLS Callbacks in IDA Pro
11:13 Switching to Malcat
12:19 Why Do We Need to Know This?
12:54 How Prevalent are TLS Callbacks? Investigating with Yara
13:49 Expanding our Search with Yaraify
15:03 Investigating Recent Examples
🔥 Join this channel to get access to perks:
TLS callbacks are used by malware authors to execute code before the main entry point of the program. This technique is primarily used as an anti-debugging technique, allowing malware to execute before the debugger takes control at the programs entry. How prevalent is this technique still? We'll explore that as well in this video using Yara, as well as use MalCat and 010 editor to look at the internal structures of a PE file that support TLS callbacks.
Cybersecurity, reverse engineering, malware analysis and ethical hacking content!
🌶️ YouTube 👉🏻 Like, Comment & Subscribe!
1:30 Definition of TLS on MSDN
2:58 TLS Structure Definition
3:48 Our Sample Program
5:27 Identifying TLS Callbacks in 010
7:40 Finding the First Callback in 010
10:00 TLS Callbacks in IDA Pro
11:13 Switching to Malcat
12:19 Why Do We Need to Know This?
12:54 How Prevalent are TLS Callbacks? Investigating with Yara
13:49 Expanding our Search with Yaraify
15:03 Investigating Recent Examples
0:17:26
What are TLS Callbacks and How to Find Them!
0:16:36
Understanding the PE+ File Format - Part 4: Entry Points and TLS Callbacks
0:01:01
Malware Minute -- Catching TLS Callbacks
0:02:28
PE TLS Callbacks
0:11:30
Hiding Code Behind Thread-Local Storage - Reverse Engineering TLS Callbacks
0:11:04
Part 7 TLS Callbacks and preventing debugger detection with IDA
0:21:51
MTLS - Mutual TLS (Everything you need to know)
0:14:16
2013 Day2P13 LoB: Thread Local Storage (TLS)
0:41:43
GopherCon 2017: Filippo Valsorda - Encrypting the Internet with Go
0:01:16
Windows : What does 'CALLBACK' in a Windows API function declaration mean?
0:00:53
This Node utility function is useful for turning callbacks into promises #shorts
0:09:38
The Problem Of TLS Visibility
![[EN] Fibers Are](https://i.ytimg.com/vi/qKQcUDEo-ZI/hqdefault.jpg)
0:27:39
[EN] Fibers Are the Right Solution / Samuel Williams @ioquatix
0:35:52
A Brief History of Encrypting Your Redis Traffic - RedisConf 2020
0:00:57
NODE Util.Promisify() with MySQL - prevented nested callbacks. #shorts, #NODE #javascript
0:43:16
Coroutines for Java Developers by Eugene Petrenko
1:02:10
Windows Internals Crash Course
0:25:43
TLS Test Framework How to check if your SSL server is standards compliant and client compatible
0:44:49
Callback objects | Yarden Shafir | BSides Delhi 2020
0:43:45
Writing a TLS Client with OpenSSL
1:00:31
Exploring the Code Behind IoT Development Boards
0:36:27
RuhrSec Day 2022 // Why TLS is better without STARTTLS ... , Damian Poddebniak and Fabian Ising
0:27:57
Enabling kfuncs to specific modifiers per-arg, rather than per-kfunc Allowing... - David Vernet
0:51:38
In-Kernel TLS Framing and Encryption for FreeBSD (2019)
Комментарии