Highlights: Introduction Throughout 2025, we conducted and published several reports related to our research on the Silver Fox APT. In some of them (for example, here), the threat actor delivered the well-known ValleyRAT backdoor, also referred to as Winos or Winos4.0…

Behind the Binary by Google Cloud Security · Episode

proxy kit for Linux/Windows/MacOS. Contribute to yuhaiin/yuhaiin development by creating an account on GitHub.

Tech magazine for cybersecurity specialists

Tool for creating a hidden administrator account through SAM registry manipulation and identity information cloning. - Caidoam/Windows-Shadow-User-SAM-Manipulator

MemProcFS. Contribute to ufrisk/MemProcFS development by creating an account on GitHub.

Today, we would like to present a lesser-known feature of the Linux kernel. Instead of launching a program from a file system, regardless of whether it's virtual or not, it is also possible to embed a user-space program directly into the kernel image itself…

IntroductionBetween July 2024 and February 2025, 6 suspicious image files were uploaded to VirusTotal. Thanks to a lead from Meta, these samples came to the ...

I hate sudo with a passion. It represents everything I find offensive about the modern Unix security model:
like su, it must be a SUID binary to work it is monolithic: everything sudo does runs as root, there is no privilege separation it uses a non-declarative…

🛠️ Invoke Windows Native API syscalls directly with Syscaller, a header-only C++ library that ensures compatibility and avoids breaking updates. - Tayssirx71/Syscaller

Ever since the release of Visual Studio 97 SP3, Microsoft has placed an undocumented chunk of data between the DOS and PE headers of every native Portable Executable (PE) binary produced by its linker without any possibility to opt out. The data contains…