Joezid (@yossefzidann)'s Twitter Profile
Joezid

@yossefzidann

Malware Analyst @EG_CERT

ID: 1025367307349045248

03-08-2018 13:06:31

140 Tweets

693 Followers

193 Following

Justin Bui (@slyd0g)

Really cool tool and awesome README that discusses in detail how EDR works (kernel callbacks, ETW, userland hooking, etc.) and how it can be bypassed with a vulnerable driver. They also put defensive considerations at the bottom! github.com/wavestone-cdt/…

Mohammed Hasan (@0xhasanm)

04 Windows Registry - DFIR | Digital Forensics & Incident Response. The fourth episode of the Digital Forensics and Incident Response series, in Arabic. youtu.be/3SFNyFKKLCY #DFIR #dfirtip #امن_المعلومات

RET2Pwn (@ret2_pwn)

Two parts of Access Token Manipulation: I just talked about how to steal the token of another process, make a token, revert a token, and finally how to build a token vault to store your stolen tokens in memory. Part 1: xret2pwn.github.io/Access-Token-P… Peace out! ✌️ #redteam

Ali Hadi | B!n@ry (@binaryz0ne)

Here we go again! Will randomly choose, at the end of next Monday 6/6, one person to attend the Cyber 5W #CCDFA certification course LIVE with me starting June 13th. #DFIR #C5W All I ask you is to Retweet/RT, not even a like or follow!!! academy.cyber5w.com/courses/ccdfa-…

Abdallah Elshinbary (@_n1ghtw0lf)

Hey everyone, I published a new blog about using #YARA for malware config extraction. I used #RedLine stealer for demonstration (extracting C2 and BotnetID). n1ght-w0lf.github.io/tutorials/yara…

RET2Pwn (@ret2_pwn)

Curious about C2 Development? Read my new blog post, where I showed how to implement External C2 like Cobalt Strike to let the operator operate through his custom communication channel. xret2pwn.github.io/Myths-About-Ex… Peace out! ✌ #Redteam #CyberSecurity

Omar K. Mohamed (@omakmoh)

Hi, I just published a write-up about how I solved the Leaker challenge from WiCSME CTF 2022 and how I got RCE on the XSLeak challenge (unintended solution). omakmoh.github.io/xsleak-is-2-wa…

Abdallah Elshinbary (@_n1ghtw0lf)

I've published 2 quick tutorials about writing #x64dbg scripts and plugins, hope you learn something new :) n1ght-w0lf.github.io/tutorials/writ… n1ght-w0lf.github.io/tutorials/writ…

Check Point Research (@_cpresearch_)

Defeating #dotRunpeX — New #virtualized .NET injector abusing advanced techniques to deliver numerous malware families. CP<r> provides an in-depth analysis of this threat introducing several PoC techniques for reversing protected/virtualized #dotnet code. research.checkpoint.com/2023/dotrunpex…

Mohammed Hasan (@0xhasanm)

Co-authoring Regexplore, a new volatility 3 plugin, with ChatGPT😄 to bring Registry Explorer plugins' Eric Zimmerman tool to Volatility. 🛠️ Contribute and help improve its features!: github.com/0xHasanM/regex… 🔗 #Volatility #DigitalForensics #RegistryExplorer #ChatGPT

Project Sekai CTF (@projectsekaictf)

During the weekend, we participated in BRICS+ CTF Quals, organized by the C4T BUT S4D team, and secured 1st place. As a reward, we also received an invitation to compete in the 8th XCTF finals in China next year. We enjoyed the event and look forward to both upcoming finals!

Project Sekai CTF (@projectsekaictf)

We got 6th in #BHMEA23 CTF over the week. Didn't manage to get top 5 but it was a close battle! Big congrats to DiceGang for winning + Black Hat MEA for the nicely organised event. We will come back stronger next year!

Georgy Kucherin (@kucher1n)

It turned out there are many more payloads used in the Notepad++ attack! To stay undetected, its masterminds were COMPLETELY changing execution chains about every month. Here are more IPs used in the attack: 45.76.155[.]202 45.32.144[.]255 Read below for many other IoCs! [1/8]
