TrainSec Academy - Where pros train pros I've been learning from Yosifovich for almost a decade at this point - he's the first person who comes to mind for anything Windows internals. This looks highly valuable for both red and blue teams, and you couldn't have picked a better instructor.

Congratulations to @killswitchx7, winner of the free seat in our live EDR Internals - Research & Development live course! Thanks to everyone who joined the giveaway and shared their stories. We selected the winner randomly from all valid entries. Early Bird pricing still open:

From the bottom of my heart, thank you so much Uriel Kosayev , Pavel Yosifovich and TrainSec Academy - Where pros train pros academy team! ❤️ for considering me for this one of a kind training! For folks who are still sitting on the fence, please don't hesitate considering this live training, it is &will be worth it.

I've been diving a little bit more into defense evasion and one thing I'm learning right now is ETW and one tool that provides insight on all the providers used by it, is ETWExplorer by Pavel Yosifovich aka Pavel Yosifovich . I know, I'm late...very late... github.com/zodiacon/EtwEx…

New video by Pavel Yosifovich: set up real kernel debugging for a Windows VM in minutes. From bcdedit to live breakpoints in WinDbg—watch the walkthrough and start debugging the kernel. Full guide + courses at TrainSec trainsec.net/library/window…

What fun thing to see, such a great professional community that feels like family ❤️ In the following screenshot, you can see 5pider helping folks with some stuff 🙃

Everyone at the conference said ransomware is inevitable. We said: No Deal. Thanks to Amichai Yifrach and the Synergy7 + Dell teams for an incredible event. Together, we shared CYMDALL’s vision: change the rules—fight ransomware from the hardware level.

Just published my new article in the TrainSec Knowledge Library: "Two Sides of the Same Coin – From Dissected Malware to EDR Evasion" Understanding how malware works is key to learning how to bypass and defend against EDR. A must-read for TrainSec students. Read here:

Hi all - I'm hiring a Principal Security Researcher who has strong knowledge in Active Directory and Entra ID. Are you interested in spending time to find the next ZeroLogon or BadSuccessor equivalent, as well as helping our product to improve? Go apply: linkedin.com/jobs/view/4283…

In continuation for my recent research about UAC bypass I wrote a tool "Find-UACAutoElevate" to find executables that match the requirements to achieve UAC Bypass. github.com/ADPunisher/Fin… #PowerShell #UACBypass #AutoElevate

Finally got around to finishing my latest post: How to Create a Staged In-Memory .NET Reflective Shellcode Loader. Nothing too novel, just revisiting some simple yet effective methods to pull off an in-memory/fileless shellcode loader. Hope you enjoy! g3tsyst3m.github.io/fileless%20tec…

Windows 10 System Programming, Part 1 by Pavel Yosifovich is on sale on Leanpub! Its suggested price is $37.95; get it for $21.56 with this coupon: leanpub.com/sh/xaei53DV @ZODIACON

Ever wondered what really happens when you delete a file in Windows? In the new video, Pavel Yosifovich traces every step. Watch the deep dive: trainsec.net/library/window…

The bundle Windows 10 System Programming by Pavel Yosifovich is on sale on Leanpub! Its suggested price is $74.90; get it for $37.53 with this coupon: leanpub.com/b/windows10sys… @ZODIACON

A "Field Note" from my upcoming MAoS - Malware Analysis on Steroids book: The industry has fooled many of us to think that malware analysis without reverse engineering is malware analysis, or what many classify it as “basic malware analysis”. There is no such thing as basic

תודה רבה על ההזדמנות האדירה להשתתף בפודקאסט ״על ברזלים וסייבר״ עם מתנאל ונריה הצדיקים 💪🏼🔥 היו אנרגיות מטורפות וסופר מרגש! שנזכה להאיר את העולם בעשייה טובה ומשמעותית! 😎 לינקים לפודקאסט: youtu.be/gn17eDAoKbc open.spotify.com/episode/5kPyBN…? si=E06c12hKRFSvvZGUCg8lZw תהנו ❤️

Kernel allocation tags in Windows—why they exist and how to use them for debugging and forensics. New video + blog post from Pavel Yosifovich, free in the TrainSec Knowledge Library. Watch & read: trainsec.net/library/window…