Susan Ghosh
@SubZero0x9
Security Analyst and Researcher. Trying very hard to figure out C, Assembly and Windows Internals. Eternal N00b.🐶
Today I am releasing a new blog on Windows on ARM! It comes from the perspective of one, like myself, who comes from an x86 background and is new to, but interested in, Windows on ARM! ELs, OS & hypervisor behavior (with VBS), virtual memory, paging, & more! connormcgarr.github.io/arm64-windows-…
Check out Titanis, my new C#-based protocol library! It features implementations of SMB and various Windows RPC protocols along with Kerberos and NTLM. github.com/trustedsec/Tit…
I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-glob…
Windows local privilege escalation through the bitpixie vulnerability blog.syss.com/posts/bitpixie/
This is my short analysis of a little-known security feature built into Windows that inadvertently broke one of our Authenticode signatures recently. elastic.co/security-labs/…
You want to load your shellcode in .NET without calling VirtualProtect? Use RuntimeHelpers.PrepareMethod to create a predictable RWX memory region for you. This method also doesn't require a delegate function pointer, since you override a .NET method. github.com/Mr-Un1k0d3r/Do…
Why do people hate Secure Boot? Honest question.
Black Hat Bonus: Learn more about @kyleavery_'s research on training self-hosted LLMs to generate evasive malware and the creation of a 7B parameter model that generates evasive Cobalt Strike shellcode loaders able to bypass Microsoft Defender for Endpoint. ow.ly/1EUf50WBI5e
🎁 We’re giving away 1 FREE seat to our premium live workshop: “EDR Internals – Research & Development”! 🔥 40+ hours of hands-on labs 🔍 Reverse real-world EDRs, build custom detection logic 🧠 Dive into syscall hooking, ETW tracing, kernel-mode techniques & more Want in? ✅…
I was messing around with symbol resolution in ELF and came up with an obfuscation technique on abusing symbol resolution in ELF programs that is able to trick tools (i.e. Ghidra, IDA, GDB) into showing the wrong library function calls. blog.elmo.sg/posts/breaking…
This will be one of the few OSEE trainings held in Asia. Welcome to Taiwan :) blog.orange.tw/posts/2025-07-…
Under-the-hood, Ember uses LightGBM to score a sample from 0 to 1. I added this functionality into Citadel so any binaries added to the framework are now summarised and scored as well as the rest of the Citadel analysis. Read it here: mez0.cc/posts/citadel-…
Including nice tool release 🔥 github.com/temp43487580/E…
Compromising Entra joined devices with P2P certificate authentication by @TEMP43487580 👀👌
This is my research project on creating read, write and allocate primitives that can be turned into an injection in order to evade certain telemetry, which I presented last year at RedTreat. I hope everyone likes it \m/. trickster0.github.io/posts/Primitiv…
Windows 11 24H2 broke a popular malware evasion technique! The Lloyd Labs self-deletion method now fails because of NTFS changes, so I spent time with kernel debugging to figure out why and how to fix it. Full technical breakdown: tkyn.dev/2025-6-8-The-N…
Have you ever wondered if there was a way to deploy a "Remote EDR"? Today I'm excited to share research I've been working on for the past couple months. This dives into DCOM Interfaces that enable remote ETW trace sessions without dropping an agent to disk. Includes a detailed…
RemoteMonologue - A Windows credential harvesting attack that leverages the Interactive User RunAs key and coerces NTLM authentications via DCOM. Remotely compromise users without moving laterally or touching LSASS. Hope you enjoy the blog & tool drop 🤟 ibm.com/think/x-force/…
(1/x) For some reason people keep asking me how to get into reverse engineering. The obvious answer would be do CTFs or reverse malware (aka just do it), but I also think game hacking/modding (not cheating!) can be fun and still provide the same learning experience. An example: