I'm excited to share 𝗥𝘂𝘀𝘁𝗶𝗰𝟲𝟰. A Modern 64-bit 𝗣𝗼𝘀𝗶𝘁𝗶𝗼𝗻-𝗜𝗻𝗱𝗲𝗽𝗲𝗻𝗱𝗲𝗻𝘁 Shellcode Template for 𝗪𝗶𝗻𝗱𝗼𝘄𝘀, written 𝗶𝗻 𝗥𝘂𝘀𝘁! #rustlang #CyberSecurity #redteam github.com/safedv/Rustic64

New on Medium: Analyzing the Rustic64 Project for building #Windows #Shellcode in #Rust. 🦀💻 Explore #PIC shellcode creation and dive into the code architecture! Check it out here: 🔗 link.medium.com/depGXMredNb #Cybersecurity #RustLang #MalwareDevelopment

🚀 Just dropped Rustic64Shell—64-bit position-independent reverse tcp shell for Windows, built in Rust! 😎 github.com/safedv/Rustic6… #RedTeam #EthicalHacking #CyberSecurity

Choosing the right #cybersecurity #certifications can feel like a maze 🧩. I’ve shared some #tips on how to avoid common pitfalls and align your #CertificationPath with your #CareerGoals. Check it out at link.medium.com/QWxcdtHnlNb #InfoSec #CyberPath

🦀 RustiveDump can now be compiled 𝗮𝘀 𝘀𝗵𝗲𝗹𝗹𝗰𝗼𝗱𝗲 (𝗣𝗜𝗖) using the 𝗥𝘂𝘀𝘁𝗶𝗰𝟲𝟰 𝗱𝗲𝘀𝗶𝗴𝗻. LSASS memory dumper using only 𝗡𝗧 𝗔𝗣𝗜𝘀, supporting 𝗫𝗢𝗥 and 𝗿𝗲𝗺𝗼𝘁𝗲 𝘁𝗿𝗮𝗻𝘀𝗺𝗶𝘀𝘀𝗶𝗼𝗻. #redteam #ethicalhacking github.com/safedv/Rustive…

🦀 𝗥𝘂𝘀𝘁𝗩𝗘𝗛𝗦𝘆𝘀𝗰𝗮𝗹𝗹𝘀: a Rust port of 𝗟𝗮𝘆𝗲𝗿𝗲𝗱𝗦𝘆𝘀𝗰𝗮𝗹𝗹 that performs indirect syscalls while generating legitimate API call stack frames by abusing VEH, bypassing user-land EDR hooks in Windows. github.com/safedv/RustVEH… #RedTeam #EthicalHacking

Interesting things that happened lately: October 31st: safe released RustVEHSyscalls, a Rust port for LayeredSyscalls — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH October 30th: Ferib released a paper on forming a

🦀 𝗥𝘂𝘀𝘁𝗦𝗼𝗹𝗶𝗹𝗼𝗾𝘂𝘆: Rust-based Internal-Monologue implementation for capturing NetNTLM hashes locally without touching LSASS. Using SSPI for NTLM negotiation and indirect NTAPIs for core operations. github.com/safedv/RustSol… #redteam #ethicalhacking

🦀 𝗥𝘂𝘀𝘁𝗣𝗼𝘁𝗮𝘁𝗼: A Rust implementation of 𝗚𝗼𝗱𝗣𝗼𝘁𝗮𝘁𝗼, abusing 𝗦𝗲𝗜𝗺𝗽𝗲𝗿𝘀𝗼𝗻𝗮𝘁𝗲 to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTAPI for various operations. github.com/safedv/RustPot… #redteam #ethicalhacking

I created a hypervisor-based emulator for Windows x64 binaries. This project uses Windows Hypervisor Platform to build a virtualized user-mode environment, allowing syscalls and memory accesses to be logged or intercepted. elastic.co/security-labs/… Project: github.com/x86matthew/Win…

Mildly irritating things seen by malware nerds: - Person saying {thing} evades EDR and/or AV, but they've never performed against an enterprise environment with an active Blue Team (they don't know what they're talking about). Yes, your payload avoided basic analysis, but stop