Abusing AV/EDR Exclusions to Evade Detections, by Arun Nair in SEERcurity Spotlight (Aug 13, 2024). Teaser: "Long time dear readers. In this blog post we’ll see how to abuse a common feature in Antivirus and EDRs that’s not often talked about. I…"
OSEP Unleashed. The advance of in-memory payload execution, by CICADA8 (Jul 27, 2024). Teaser: "Everything OSEP didn’t tell you. How to execute payloads in memory and bypass antivirus."
Techniques Learned from the XZ Backdoor, by Knownsec 404 team (May 11, 2024). Author: Hcamael@Knownsec 404 Team. Chinese version: https://paper.seebug.org/3060/
Automating SCCM with Ludus: A Configuration Manager for Your Configuration Manager, by Zach Stein in Posts By SpecterOps Team Members (Jun 6, 2024). Teaser: "TL;DR: Using Ludus as the backend, and with the help of Erik at Bad Sector Labs, I present a fully customizable SCCM deployment you can…"
Finding pastures new: An alternate approach for implant design (MetaInvoke [Alpha]), by Sapientflow (Mar 17, 2024).
delivr.to’s Top 10 Payloads (May ‘24): Auth Coercion, BYOI and Esoteric Containers, by delivr.to (May 28, 2024). Teaser: "The latest installment of delivr.to’s Top 10. SMB auth coercion, 3rd party script interpreters used for process injection & esoteric…"
Exploring Impersonation through the Named Pipe Filesystem Driver, by Jonathan Johnson (May 3, 2023).
ThreadSleeper: Suspending Threads via GMER64 Driver, by Jonathan Johnson (Jul 21, 2023). Originally posted: https://www.binarydefense.com/resources/blog/threadsleeper-suspending-threads-via-gmer64-driver/