내가 좋아할 만한 콘텐츠
Having a look #Remcos #Stealer sample today Anti-sandboxing technique spotted. It pings for a few seconds…fooling the sandbox. Stealth level: 0/10. 😏 Its a new persistence technique?🤣 ☣️2bc86fe5ea8cecd9bd2f78362446e848 app.any.run/tasks/7ac010c6…
GitHub - ZemarKhos/CVE-2025-55315-PoC-Exploit: CVE-2025-55315 PoC Exploit github.com/ZemarKhos/CVE-…
VEH-Based Function Call Obfuscation - Obfuscating function calls using Vectored Exception Handlers by redirecting execution through exception-based control flow. Uses byte swapping without memory or assembly allocation github.com/EvilBytecode/E…
EDR-Redir: You can break EDRs/Antivirus from user mode with bind link and cloud minifilter. Because your payload deserves privacy. #antimalware #itsecurity #redteam
Wrote a blog about creating an early exception handler for hooking and threadless process injection without relying on VEH or SEH. You can definitely use it for more than what is described in the post, enjoy :) kr0tt.github.io/posts/early-ex…
It looks like an executable file with a .jpg extension from the early 2000s. But no! This is a method to create persistence with a non-existent executable file to bypass #antimalware #PenTesting #BlueTeam
Another hoontr find: tprtdll.dll (like so many others) exposes some Nt/Rtl/Zw functions. It doesn't redirect to ntdll, instead it makes the syscall itself - so you can call something like NtAllocateVirtualMemoryEx without ever touching ntdll! PoC: github.com/whokilleddb/fu…
#redteam Hey, look! Windows with two "System32" folders.😲 Hey, keep looking at this! A process loads the same DLL twice and keeps both instances in memory.😲 #malware #blueteam
Black Hat Bonus: Learn more about @kyleavery_ 's research on training self-hosted LLMs to generate evasive malware and creation of a 7B parameter model that generates evasive Cobalt Strike shellcode loaders able to bypass Microsoft Defender for Endpoint. ow.ly/1EUf50WBI5e
#redteam If you name the file long enough, your file will vanish from the Process Explorer Lower Pane. 😂 #blueteam #pentest
Out Of Control: How KCFG and KCET Redefine Control Flow Integrity in the Windows Kernel by @33y0re i.blackhat.com/BH-USA-25/Pres…
Nice trick showing that the very same zip can be seen differently by two different programs. I've examined how this quirk could help us in zip path traversal attacks: blog.isec.pl/disguises-zip-…
Want to learn about Chrome exploitation and the role of WebAssembly in it? In our new article, we'll break down the world of WASM, how it interacts with V8, and use CVE-2024-2887 as a case study to show how flaws in WASM can lead to RCE. Read it here: ssd-disclosure.com/an-introductio…
Dropped a PoC demonstrating how to leverage “IOCTL_VOLSNAP_DELETE_SNAPSHOT” (0x53C038) to delete Windows shadow copies github.com/NUL0x4C/IOCTL_…
Announcing our whitepaper on the future of endpoint security. preludesecurity.com/runtime-memory…
''Windows Inter Process Communication A Deep Dive Beyond the Surface - Part 2'' #infosec #pentest #redteam #blueteam sud0ru.ghost.io/windows-inter-…
United States 트렌드
- 1. Brian Cole 34.3K posts
- 2. #TrumpAffordabilityCrisis 5,363 posts
- 3. Eurovision 105K posts
- 4. Tong 18.9K posts
- 5. #EndRevivalInParis 13.8K posts
- 6. #Kodezi 1,186 posts
- 7. #OlandriaxHarvard 1,699 posts
- 8. Woodbridge 5,685 posts
- 9. Rwanda 33.4K posts
- 10. Wray 14.1K posts
- 11. #NationalCookieDay 1,674 posts
- 12. Jalen Carter 1,591 posts
- 13. Black Album 2,150 posts
- 14. Legend Bey 1,351 posts
- 15. TPUSA 76.8K posts
- 16. Chadwick 1,122 posts
- 17. Sidwell N/A
- 18. KJ Jackson N/A
- 19. $SMX 1,883 posts
- 20. Happy Birthday Dan 4,116 posts
Something went wrong.
Something went wrong.