Bind Link – EDR Tampering
#edr_bypass #edr_evasion
@ZwLowLevel
https://ipurple.team/2025/12/01/bind-link-edr-tampering/
Purple Team
The Bind Link API enables Administrators to create transparent mappings from a virtual path to a backing path (local or remote). The Bind Link feature was introduced in Windows 11 and according to …
#linux_kernel #ring_0
#linux_exploitation
#exploitation
@ZwLowLevel
https://faith2dxy.xyz/2025-11-28/extending_race_window_fallocate/
faith2dxy.xyz
Extending Kernel Race Windows Using '/dev/shm'
Showcasing an alternative technique to userfaultfd for extending race windows in the Linux kernel.
Withsecure
TangleCrypt: a sophisticated but buggy malware packer
WithSecure's STINGR Group is releasing a detailed technical analysis of TangleCrypt, a previously undocumented packer for Windows malware. The packer was found on two executables of the STONESTOP EDR killer used in a recent ransomware attack. The blogpost…
#reverse_engineering
#firmware_analysis
@ZwLowLevel
https://stefan-gloor.ch/pulseoximeter-hack
HackMag
Building a Windows Kernel-Mode Driver for Process Hiding (Rootkit Techniques)
Tech magazine for cybersecurity specialists
ReCopilot: A Reverse Engineering Copilot for Boosting Binary Analysis with Decompiler
#reverse_engineering #reversing #copilot
@ZwLowLevel
https://github.com/XingTuLab/recopilot
GitHub
GitHub - XingTuLab/recopilot: ReCopilot: Reverse Engineering Copilot in Binary Analysis
ReCopilot: Reverse Engineering Copilot in Binary Analysis - XingTuLab/recopilot
EDR-AppLocker
Blocking EDRs with AppLocker
#applocker #edr_tampering
#edr_bypass #edr_evasion
@ZwLowLevel
https://github.com/zero2504/EDR-AppLocker
#firmware_hacking #firmware_analysis
#reverse_engineering #reversing
#secure_boot
@ZwLowLevel
https://hackmag.com/security/esp32-hack
HackMag
Defeating ESP32 Security: Extracting Flash Encryption and Secure Boot Keys
Tech magazine for cybersecurity specialists
#pentesting_web #web_security
@ZwLowLevel
https://www.hacktron.ai/blog/hacking-openai-atlas-browser
Hacktron AI
Pwning OpenAI Atlas Through Exposed Browser Internals
A critical ChatGPT Atlas Browser vulnerability: XSS on an OpenAI subdomain let attackers hijack tabs, leak browsing URLs, and steal OAuth tokens.
EDR evasion for Red Teamers
#edr_bypass #edr_evasion
#malware_development
#windows_internals
@ZwLowLevel
https://github.com/Excalibra/Antivirus-EDR-Evasion-Bypass-for-Pentesters-Red-Teamers
GitHub
GitHub - Excalibra/Antivirus-EDR-Evasion-Bypass-for-Pentesters-Red-Teamers: Antivirus EDR evasion bypass for pentesters red teamers
Antivirus EDR evasion bypass for pentesters red teamers - Excalibra/Antivirus-EDR-Evasion-Bypass-for-Pentesters-Red-Teamers