Low Level CO 🇨🇴 – Telegram
Low Level CO 🇨🇴
@ZwLowLevel
116 subscribers
173 photos
10 videos
7 files
522 links
Canal enfocado en la investigación de técnicas de seguridad ofensivas avanzadas.

Windows internals
Malware Development
Exploits & Reversing
Low level programming
kernel mode & user mode
Syscall & Hypercalls
Ring 0, 3, -1
Firmware
Download Telegram
About
Blog
Apps
Platform
Join
Low Level CO 🇨🇴
116 subscribers
Low Level CO 🇨🇴
PIC shellcode: The Rust Way

#malware_development
#malwaredev
#maldev
@ZwLowLevel
DEV Community
PIC shellcode: The Rust Way
Originally published at Cyberpath A Hands-On Analysis of the Rustic64 Project In...
33 viewsGolden Byte
Low Level CO 🇨🇴
New Year post: Anti-cheat evolution in Windows 11

#windows_internals
#windows_kernel
#anti_cheat
@ZwLowLevel
35 viewsGolden Byte
Low Level CO 🇨🇴
Part 1: Windows Internals: Thread Management
Part 2: Windows Internals: Thread Management

#windows_internals
@ZwLowLevel
Medium
Windows Internals: Thread Management — Part 1
Thread Management on Windows. ETHREAD, KTHREAD and scheduling.
33 viewsGolden Byte
Low Level CO 🇨🇴
Forwarded from ARVIN
0day speedrun? OpenFlagr <= 1.1.18 Authentication Bypass
https://dreyand.rs/code%20review/golang/2026/01/03/0day-speedrun-openflagr-less-1118-authentication-bypass?x
DreyAnd’s Web Security Blog
0day speedrun? OpenFlagr <= 1.1.18 Authentication Bypass
A detailed 0day speedrun uncovering an authentication bypass in OpenFlagr ≤ 1.1.18. Root cause analysis, exploitation path, impact assessment, and remediation.
36 viewsGolden Byte
Low Level CO 🇨🇴
This media is not supported in your browser
VIEW IN TELEGRAM
— Undefeated
32 viewsGolden Byte
Low Level CO 🇨🇴
Demo: Reverse Engineering Android Apps with Code Coverage

#os_internals
#reversing
#reverse_engineering
@ZwLowLevel
33 viewsGolden Byte
Low Level CO 🇨🇴
From Zero to SYSTEM: Building PrintSpoofer from Scratch

#windows_security
#windows_internals
@ZwLowLevel
32 viewsGolden Byte
Low Level CO 🇨🇴
Sliver C2 — Comprehensive Cyber Threat Intelligence Brief

#cyber_threat_intelligence
#cti
#malware_analysis
@ZwLowLevel
0Xadroit
Sliver C2 — Comprehensive Cyber Threat Intelligence Brief
A comprehensive threat intelligence analysis of Sliver C2 framework, including MITRE ATT&CK mapping, indicators of compromise, detection rules, and defensive recommendations for security teams.
30 viewsGolden Byte
Low Level CO 🇨🇴
Sleak Crypter

Sleak Crypter is a simple obfuscate tool that allows you to encrypt and obfuscate your files.

#malware_development
#malwaredev
#maldev
@ZwLowLevel
31 viewsGolden Byte
Low Level CO 🇨🇴
FsquirtCPLPoC

Fsquirt.exe is a windows binary attempts to load a Control Panel applet (CPL) called bthprops.cpl from its current working directory. When bthprops.cpl is present alongside fsquirt.exe, the binary loads it and executes a MessageBox from DLLMain.

#malware_development
#malwaredev
#maldev

@ZwLowLevel
https://github.com/mhaskar/FsquirtCPLPoC
25 viewsGolden Byte, edited  
Low Level CO 🇨🇴
Android Kernel Exploit CVE-2025-38352

1. In-the-wild Android Kernel Vulnerability Analysis + PoC

2. Extending The Race Window Without a Kernel Patch

3. Uncovering Chronomaly

#android_internals
#exploit_development
@ZwLowLevel
faith2dxy.xyz
CVE-2025-38352 (Part 1) - In-the-wild Android Kernel Vulnerability Analysis + PoC
Part 1 (This blog post) - In-the-wild Android Kernel Vulnerability Analysis + PoC Part 2 - Extending The Race Window Without a Kernel Patch CVE-2025-38352 was a…
23 viewsGolden Byte
Low Level CO 🇨🇴
Forwarded from Order of Six Angles
deep dive into an electronic detection and response system deployed by China’s security agencies

https://netaskari.substack.com/p/chinas-guardian-of-secrets
Substack
China's guardian of secrets: 保密管理系统
NetAskari got exclusive access to internal software used by Chinese security agencies to control data leakage from the internal government network.
15 viewsGolden Byte
Low Level CO 🇨🇴
Time(less) LAPS: Securing persistent anonymous access to local administrator passwords

The RecoveryMode mechanism in Windows LAPS allows local administrator passwords to be decrypted using remote ‘decryptors’.

#windows_internals
#windows_security
#reverse_engineering
#reversing
@ZwLowLevel
HackMag
Time(less) LAPS: Securing persistent anonymous access to local administrator passwords
Tech magazine for cybersecurity specialists
15 viewsGolden Byte
Low Level CO 🇨🇴
Golden Byte
Time(less) LAPS: Securing persistent anonymous access to local administrator passwords The RecoveryMode mechanism in Windows LAPS allows local administrator passwords to be decrypted using remote ‘decryptors’. #windows_internals #windows_security #rev…
What's the LAPS?

https://learn.microsoft.com/en-us/windows-server/identity/laps/laps-overview
Docs
Windows LAPS overview
Get an overview of Windows Local Administrator Password Solution (Windows LAPS), including key scenarios and setup and management options.
15 viewsGolden Byte, edited  
Low Level CO 🇨🇴
17 viewsGolden Byte
Low Level CO 🇨🇴
No Time
Sartanic
17 viewsGolden Byte
Low Level CO 🇨🇴
Low Level CO 🇨🇴 pinned «Time(less) LAPS: Securing persistent anonymous access to local administrator passwords The RecoveryMode mechanism in Windows LAPS allows local administrator passwords to be decrypted using remote ‘decryptors’. #windows_internals #windows_security #rev…»
Low Level CO 🇨🇴
JavaScript, MSBuild, and the Blockchain: Anatomy of the NeoShadow npm Supply-Chain Attack

#malware_analysis
@ZwLowLevel
www.aikido.dev
NeoShadow npm Supply-Chain Attack: JavaScript, MSBuild & Blockchain
A deep technical analysis of the NeoShadow npm supply-chain attack, detailing how JavaScript, MSBuild, and blockchain techniques were combined to compromise developers.
6 viewsGolden Byte
Low Level CO 🇨🇴
A field guide to sandboxes for AI

#security
#sandboxing
@ZwLowLevel
5 viewsGolden Byte
Low Level CO 🇨🇴
Fibratus

Adversary tradecraft detection, protection, and hunting

#cyber_threat_intelligence
#cti
#malware_analysis
@ZwLowLevel
3 viewsGolden Byte