Kurosh Dabbagh (@_kudaes_)'s Twitter Profile
Kurosh Dabbagh

@_kudaes_

nt authority\kurosh

github.com/Kudaes
kudaes.medium.com

ID: 1086055010

13-01-2013 13:07:11

1.1K Tweets

1.1K Followers

196 Following

watchTowr (@watchtowrcyber):

In August, watchTowr Labs hijacked parts of the global .mobi TLD - and went on to discover the mayhem that we could cause. Enjoy.... labs.watchtowr.com/we-spent-20-to…

Kurosh Dabbagh (@_kudaes_):

Somebody asked if you can run a dll directly without rundll32 as you would do with an exe. You just need to remove the IMAGE_FILE_DLL flag from IMAGE_FILE_HEADER->Characteristics, which can be done with the option -e of github.com/Kudaes/CustomE…. Don't see much use for it tho ^^

Kurosh Dabbagh (@_kudaes_):

It's always such a great feeling to receive this kind of messages. Indeed, an enormous amount of hours have been invested in the Dinvoke_rs project. It started as a small side project to learn Rust and it ended up being the core of all my other tools😅

safe (@safe0x17):

I'm excited to share Rustic64. A Modern 64-bit Position-Independent Shellcode Template for Windows, written in Rust! #rustlang #CyberSecurity #redteam github.com/safedv/Rustic64

K̵i̵r̵k̵ ̵T̵r̵y̵c̵h̵e̵l̵ (@teach2breach):

I resisted using Kurosh Dabbagh dinvoke_rs while learning rust and how to build implants, so I wrote this library for dynamically locating API function addresses and loading dlls. github.com/Teach2Breach/n…

Navaja Negra Conference (@navajanegra_ab):

All the talks from the CrowdStrike Room at #NN12ED are available on Twitch 🖤💛 Day 1: twitch.tv/videos/2266422… Day 2: twitch.tv/videos/2267218… Day 3: twitch.tv/videos/2268060… All available at: twitch.tv/navajanegra

Tim Willis (@itswillis):

Project Zero Blogpost recap for the month: googleprojectzero.blogspot.com/2024/10/the-wi… — j00ru//vx doing another deep dive into the Windows Registry googleprojectzero.blogspot.com/2024/10/effect… — Nick Galloway's dav1d fuzzing case study (new) googleprojectzero.blogspot.com/2024/10/from-n… — an update on using LLMs to find vulns Enjoy! 🎉

Kurosh Dabbagh (@_kudaes_):

Analyzing Procmon stack trace is always a great source of knowledge. Today it showed me that in current versions of Windows win32u.dll performs syscalls in a legitimate way. Idk if it's needed, but I guess it can be used as an alternative to ntdll to perform indirect syscalls🙃

Kurosh Dabbagh (@_kudaes_):

I didn't realize that LoadLibrary allows UNC paths, meaning you can load a dll from a remote share without writing it to the current host. Doesn't this directly bypass some static/sandbox analysis performed by some security products? 🤔

Kurosh Dabbagh (@_kudaes_):

I've just released Eclipse, a PoC of what I call Activation Context Hijack. This technique redirects any application to load an arbitrary DLL, allowing to inject code into any trusted process. More info available on Github. github.com/Kudaes/Eclipse

DebugPrivilege (@debugprivilege):

If you're into WinDbg and debugging, check out my GitHub repository! I’ve put together content on getting started, practicing with kernel memory dumps, analyzing user-mode dumps with exploits, and more. github.com/DebugPrivilege…

Orange Cyberdefense's SensePost Team (@sensepost):

Attacks against AD CS are de rigueur these days, but sometimes a working attack doesn’t work somewhere else, and the inscrutable error messages are no help. Jacques replicated the most infuriating and explains what’s happening under the hood in this post sensepost.com/blog/2025/divi…

vx-underground (@vxunderground):

hOw Do I lEaRn MaLwArE StUfF If you're new to malware stuff, and want to learn malware stuff, go to our paper collection. If you read 10% of our malware analysis paper collection (took notes, seriously understood it), you'd be a fuckin' monster. If you know how to code

TKYN (@tkynsec):

Windows 11 24H2 broke a popular malware evasion technique! The Lloyd Labs self-deletion method now fails because of NTFS changes, so I spent time with kernel debugging to figure out why and how to fix it. Full technical breakdown: tkyn.dev/2025-6-8-The-N…

Outflank (@outflanknl):

Who doesn't love a sequel? Part one of our series on secure #enclaves for #offensive operations highlighted how enclaves work and how to develop your own. Part two is out now and shares what we discovered while digging into enclave internals: outflank.nl/blog/2025/06/1…