"Red Canary Threat Detection Report:
Techniques, Trends, & Takeaways",  2025.

Posted Jul 5, 2025 Updated Jul 5, 2025
By Iman Seyed

Most Linux systems rely on binary blobs to activate the full capabilities of hardware like Bluetooth and Wi-Fi chips. But what are these blobs, and how does the kernel load them?

This post, as indicated by the noscript, will cover the topic of writing Windows kernel drivers for advanced persistence. Because the subject matter is relatively complex, I have decided to divide the project into a three or a four part series. This being the first post in the series, it will cover the fundamental information you need to know to get started with kernel development. This includes setting up a development environment, configuring remote kernel debugging and writing your first “Hello World” driver.

Defeating Windows User Account Control by abusing built-in Windows AutoElevate backdoor. This project demonstrates various UAC bypass techniques and serves as an educational resource for understanding Windows security mechanisms.

Threat Intelligence F6 analysts have studied the Pay2Key ransomware service, which has been distributed on Russian-language cybercriminal forums using the RaaS model since late February 2025.

"I'm in Your Logs Now, Deceiving Your Analysts and Blinding Your EDR".



A comprehensive ETW event generation tool

Personal Red Team and Offensive Security labs, exercises, and projects.
This repository documents my journey to become an Offensive Security professional and Red Teamer