Forwarded from CyberSecurityTechnologies
#AIOps
#MLSecOps
#RAG_Security
#Offensive_security
AI pentest scoping playbook
https://devansh.bearblog.dev/ai-pentest-scoping
// Scoping AI security engagements is harder than traditional pentests because the attack surface is larger, the risks are novel, and the methodologies are still maturing
pwndbg
Exploit Development and Reverse Engineering with GDB & LLDB Made Easy
#reverse_engineering #windbg #pwndbg #malware_analysis
@ZwLowLevel
https://github.com/pwndbg/pwndbg
Windows 11 24h2 LPE Kernel Exploitation. CVE-2020-12446(eneio64.sys)
#windows_kernel #kernel_exploit #cve
@ZwLowLevel
https://github.com/enessakircolak/Windows-11-24h2-Kernel-Exploit
Inside NTFS: The Windows Master File Table (MFT) Internals Explained (HackMag)
#ntfs #file_system #mft #windows_internals
@ZwLowLevel
https://hackmag.com/security/ntfs-inside
FunkSec – Alleged Top Ransomware Group Powered by AI
#ransomware #ai #funksec
@ZwLowLevel
https://research.checkpoint.com/2025/funksec-alleged-top-ransomware-group-powered-by-ai/
Forwarded from ARVIN
Nation-State Actor’s Arsenal: An In-Depth Look at Lazarus’ ScoringMathTea
https://0x0d4y.blog/arsenal-analysis-of-a-nation-state-actor-an-in-depth-look-at-lazarus-scoringmathtea
https://github.com/abrewer251/CVE-2025-62215_Windows_Kernel_PE
CVE-2025-62215 Exploit PoC
@ZwLowLevel
cl.exe poc.cpp /Od /ZI /RTC1 /MDd /link /OUT:unicorn.exe
[*] Starting CVE-2025-62215 exploitation...
[*] Performing heap spray...
[+] Allocated 100 heap chunks
[*] Spawning 8 threads to trigger race condition...
[*] Waiting for race condition...
[+] SUCCESS: Privilege escalation detected!
[+] EXPLOITATION SUCCESSFUL!
[+] Privileges escalated to SYSTEM
This PoC demonstrates a race condition in the Windows kernel leading to a double-free vulnerability, allowing local privilege escalation to SYSTEM. The exploit uses multithreaded handle manipulatio...
An article from about two years ago, but it is still compelling!
#irp #windows_kernel
#windows_internals #ring0
@ZwLowLevel
https://idov31.github.io/posts/lord-of-the-ring0-p5
Ryūjin Protector is an open-source Bin2Bin obfuscation, protection, and DRM tool for Windows PE binaries targeting the Intel x64 architecture (x86_64 only).
#obfuscation #pe #anti_debugging
#anti_analysis
@ZwLowLevel
GitHub - keowu/Ryujin: Ryūjin Protector - Is a Intel Arch - BIN2BIN - PE Obfuscation/Protection/DRM tool
Forwarded from Sec Note
You just got vectored - Using vectored exception handlers (VEH) for defense evasion and process injection | IBM
Vectored Exception Handlers (VEH) have been used in malware for over a decade, but now they're gaining attention from the offensive security industry. Let's take a closer look.
SpiderLabs IDs New Banking Trojan Distributed Through WhatsApp
#malware_spreading #malware_analysis
#malware_campaing
@ZwLowLevel
SpiderLabs has recently identified a banking Trojan we dubbed Eternidade Stealer, which is distributed through WhatsApp hijacking and social engineering lures.
Windows User Space Emulator
#syscall #emulator #user_mode
#sandbox
@ZwLowLevel
https://github.com/momo5502/sogen
Ghost is a process injection detection tool written in Rust.
#malware_analysis #process_injection
@ZwLowLevel
BOF Writeup (Pwnable.kr)
About Pwnable.kr