Forwarded from Freedom Fox 🏴☠
GhostlyHollowingViaTamperedSyscalls2
Ghostly Hollowing + Tampered Syscalls Via Hardware Breakpoints: Utilizing hardware breakpoints to spoof syscall arguments while implementing Ghostly Hollowing PE #Injection technique
#av #работягам
Chat in MAX
Telegram✉️ @freedomfox
Happy New Year 🎊
We hope this new year is full of success and blessings, that you achieve all your goals, and that there is peace and harmony in your family.
APT36: Multi-Stage LNK Malware Campaign Targeting Indian Government Entities
#malware_analysis
@ZwLowLevel
CYFIRMA
APT36: Multi-Stage LNK Malware Campaign Targeting Indian Government Entities - CYFIRMA
EXECUTIVE SUMMARY CYFIRMA has identified a targeted malware campaign attributed to APT36 (Transparent Tribe), a Pakistan-aligned threat actor actively...
ActiveBreach Engine
SysWhispers & HellsGate Successor, Direct Syscall Execution Framework using modern techniques - EDR/AV Evasion
#malware_development
#maldev
#malwaredev
@ZwLowLevel
Forwarded from Freedom Fox 🏴☠
Exploit-Street
A collection of the freshest #LPE exploits from our compatriot. #Windows In The Fire🔥
Chat in MAX
Telegram✉️ @freedomfox
🔧 DriverTool - Windows Driver Management Utility
A tool that can help you develop and analyze Windows drivers.
#windows_kernel
#windows_driver
#windows_internals
@ZwLowLevel
GitHub
GitHub - Tkillow/Sys-Startup-Tool-Boot-Start: A tool that can help you develop and analyze Windows drivers.
BOAZ Evasion and Antivirus Testing Tool
Multilayered AV/EDR Evasion Framework
#edr_bypass
#edr_evasion
@ZwLowLevel
Registry Writes Without Registry Callbacks
This post explores a technique for establishing registry persistence and registry writes against HKCU at medium integrity without triggering registry callbacks.
#malware_development
#maldev
@ZwLowLevel
DeceptIQ
Registry Writes Without Registry Callbacks
Explore NTUSER.MAN, an overlooked Windows profile mechanism that allows registry persistence without triggering CmRegisterCallback EDR monitoring.
10,000 Lines of C, Real x86-64 Assembly for Critical Paths: Building Kernel-Level AI Security
#os_internals
#ai
@ZwLowLevel
DEV Community
10,000 Lines of C, Real x86-64 Assembly for Critical Paths: Building Kernel-Level AI Security
SENTINEL IMMUNE: syscall hooks in assembly, AVX2 SIMD pattern matching, DragonFlyBSD kernel module. Pure C/ASM, zero Python.
Machine Learning-Based Cybersecurity Solutions for Cloud Computing
Traditional signature-based security solutions detect known threats through pattern matching against databases of malware signatures and attack indicators. This approach fails against zero-day exploits, polymorphic malware employing code obfuscation, and advanced persistent threats (APTs) utilizing novel attack techniques.
#machine_learning
#llm
#reinforcement_learning
#ai
@ZwLowLevel
https://eudoxuspress.com/index.php/pub/article/view/4595/3409
Windows ARM64 Internals: Pardon The Interruption! Interrupts on Windows for ARM
#windows_internals
#windows_kernel
#arm64
#ring0
https://connormcgarr.github.io/windows-arm64-interrupts/