EDR evasion for Red Teamers
#edr_bypass #edr_evasion
#malware_development
#windows_internals
@ZwLowLevel
https://github.com/Excalibra/Antivirus-EDR-Evasion-Bypass-for-Pentesters-Red-Teamers
GitHub - Excalibra/Antivirus-EDR-Evasion-Bypass-for-Pentesters-Red-Teamers: Antivirus EDR evasion bypass for pentesters red teamers
hunt.io
Malicious VSCode Extension Launches Multi-Stage Attack Chain with Anivia Loader and OctoRAT
A fake VSCode extension triggered a multi-stage attack deploying the Anivia loader and OctoRAT. Learn how the chain worked and where defenders can detect it. Learn more.
40_Marvell_Kuemerle_final.pdf
1.4 MB
Memory: Almost The Only Thing That Matters
A revolution in memory architecture for the data center
GitHub - 0x536b796ec3b578/injectum: The modern, type-safe process injection framework for Red Teams and Offensive Security in Rust.
#shadow_copy #vss
#malware_development #maldev
@ZwLowLevel
https://github.com/Extenedi/DeleteShadowCopies
Today, Saturday, I'm presenting some Windows kernel structures as a refresher.
👀
Catalog of key Windows kernel data structures
#windows_internals #windows_kernel
#EPROCESS
@ZwLowLevel
https://codemachine.com/articles/kernel_structures.html
Codemachine
CodeMachine - Article - Catalog of key Windows kernel data structures
Explanation of key data structures used by device drivers, kernel and HAL.
Forwarded from cKure Red
https://github.com/hackersatyamrastogi/react2shell-ultimate
Forwarded from Sec Note
React2Shell (CVE-2025-55182) Exploitation: Real-World Incident Response to XMRig Cryptominer Attack
#cryptojacking #miner
#malware_analysis
@ZwLowLevel
Complete incident response writeup of a React2Shell (CVE-2025-55182) vulnerability exploitation leading to XMRig cryptominer installation. Learn detection, analysis, remediation, and prevention strategies for this critical RCE vulnerability.
How I discovered a hidden microphone on a Chinese NanoKVM
#reverse_engineering #reversing
#cyber_espionage
@ZwLowLevel
https://telefoncek.si/2025/02/2025-02-10-hidden-microphone-on-nanokvm/
telefoncek.si
Telefoncek.si • How I discovered a hidden microphone on a Chinese NanoKVM
NanoKVM is a hardware KVM switch developed by the Chinese company Sipeed. Released last year, it enables remote control of a computer or server using a virtu...
CVE-2023-20078 technical analysis: Identifying and triggering a command injection vulnerability in Cisco IP phones.
#reverse_engineering #reversing
@ZwLowLevel
https://www.ibm.com/think/x-force/cve-2023-20078-technical-analysis
IBM
CVE-2023-20078 technical analysis: Identifying and triggering a command injection vulnerability in Cisco IP phones | IBM
Cisco released a security advisory detailing an unauthenticated command injection vulnerability in the web-based management interface of several Cisco IP phones. Learn more now.