Cronos: Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation github.com/XaFF-XaFF/Cron…

Today I am releasing a blog about kernel exploitation in the age of HVCI. This post addresses calling arbitrary kernel-mode APIs, to go beyond “traditional token stealing” data-only attacks, while also dealing with kernel control flow integrity. connormcgarr.github.Io/hvci

Since ms-msdt: is now readily detected and the conversation has changed to search-ms: and some more staggered social engineering tricks, here is a useless thread on a silly thing tricksters might be able to pull off with some of the new fun things we have learned: 🧵

🚨BREAKING: Bored Ape Yacht Club and Otherside Metaverse Discord servers have been hacked. Millions worth of #NFTs reportedly stolen.

It is a very poor decision to advertise ransomware on Instagram

Todo el éxito al equipo de latam que participa del Campeonato mundial de ciberseguridad en Atenas🥳. Mención a Mataya y litneet64 que lo están dando todo en la competencia 🦊🏴‍☠️ Manden ki #cntr0llz #icsc #ENISA

2nd Day at the International Cybersecurity Challenge (ICC). Can't wait to know the absolute beasts that solved some rev challenges :D

Nice to see #LATAM 🌎 in the 1st International Cybersecurity Challenge by ENISA #ICC_games in Athens, Greece 🇬🇷

Agradecimiento a la buena organización de Diplomados en Ciberseguridad de la USACH por este gran evento !. Esperamos con ansias nuevos eventos a lo largo de Chile🦊🏴‍☠️

☢️ I'm so excited - just issued my first blog post☢️ As promised - sharing my WarCon slides deck on: mgeeky.tech/warcon-2022-mo… Power of positive feedback made me publish them during my first day of holidays (●'◡'●) Let me know if you like it 🔥

Obfuscating Reflective DLL Memory Regions with Timers: mez0.cc/posts/vulpes-o…

☢️ Agenda of my Modern Red Team Malware Development training that I'm running at /ˈziːf-kɒn/ next week - almost ready. Just a few final touches! I already feel like there won't be enough time to cover everything I'd like over 3 days. A month would do tho! What do you think?💀

Need to know if your target is on vacation or which apartment he rented and when? We've just added a new #OSINT module that lets you find the #Airbnb account linked to an email address and several other information. Try it now by signing for free on epieos.com

web3: "we will revolutionize the world" also web3: "i am being exploited by watermelon emoji"

ImpulsiveDLLHijack: C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's. #redteam #infosec #pentest github.com/knight0x07/Imp…

🚨New Post 🚨 Tired of begging for malware samples from randos and those pesky privileged VTI premium users? Read my "Short Guide for the Freeloader Researcher" danusminimus.github.io/2022/08/27/The…

For a reverse engineer, the ability to directly call a function from the analyzed binary can be a shortcut that bypasses a lot of grief. In this article, we explore and compare 3 ways of invoking functions: IDA Appcall, Dumpulator, and Unicorn Engine. research.checkpoint.com/2022/native-fu…

Brc4 v1.2.2/5 was leaked by MdSec and is circling the internet. I am tracking it over the past few weeks. MdSec uploaded the whole package to VT which was cracked by a Russian group Molecules, and now used by TAs which will most likely create an irrepairable damage. blog incoming

OH MY GOD FINALLY SOMEONE HACKED THIS DUMB AS HELL IDEA