Here's the tool that I demoed during my #SANSHackFest talk. Let's make it better by filing any issues you identified and submitting PRs. #redteam #maldev

RT @lastweekinfosec: CUPS RCE (@evilsocket), driver vulns (@vinopaljiri), NamelessC2 release (@trickster012), liveness detection bypass (@C…

RT @s4ntiago_p: 🔥 New blogpost 🔥 Running PEs inline without a console. You now can, for example, run PowerShell in CobaltStrike and obtain…

RT @AliceCliment: Finally done! My latest article introduce the basics of Windows kernel drivers/internals and how to find and exploit pro…

RT @the_secret_club: Abusing undocumented features to spoof PE section headers by @x86matthew

RT @VirtualAllocEx: With my new blog post "Direct Syscalls: A journey from high to low" I try to explain what a syscall is, what a direct s…

RT @s4ntiago_p: I just published my implementation of call stack spoofing using hardware breakpoints 😁 Works for syscalls and APIs, suppor…

RT @mrd0x: For the past couple of months @NUL0x4C and I have been working on a module-based malware dev training course that covers variou…

@snovvcrash @carlospolopm @OscarAkaElvis @cube0x0 @HackAndDo @Flangvik @ippsec @0xdf_ @n00py1 @_EthicalChaos_ @_xpn_ @podalirius_ @KlezVirus @tifkin_ @FuzzySec @mariuszbit @Jean_Maes_1994 @tiraniddo @N4k3dTurtl3 @NotMedic @s4ntiago_p @icyguider @x86matthew @ly4k_ @bohops Thanks for including me. It's my pleasure.

RT @snovvcrash: [BLOG 📝] Some notes on how to automate the generation of Position Independent Shellcodes (without msfvenom windows/x64/exec…

RT @joehowwolf: My first blog at CS - Dynamically spoofing call stacks with timers: PoC:

RT @Stealthsploit: Finally revamped my original @hashcat rule OneRuleToRuleThemAll. The new and improved OneRuleToRuleThemStill has ~5% re…

RT @0xBoku: macOS x64 shellcode that uses an eggHunter to find and decipher the command shell string. Tinkering with macOS x64 shellcoding…

@vxunderground @_RastaMouse This is a nice re-implementation. :) Just an FYI, my PoC does not spawn certain binaries because of the lack of CSRSS notification. @s4ntiago_p solved this issue in his implementation.

Here's a copy of my slides from my #SANSHackFest talk. Sorry it took me awhile to upload it. #maldev #redteam

RT @KlezVirus: [BLOG POST] And as promised, this is a brief article the describing the technique used within SilentMoonwalk. Might be a goo…

RT @coder_rc: Windows internals resources that I have collected in around an year #infosec Win32 programming with code examples: https://t.…

RT @vxunderground: We have published a paper: "About malware writing and how to start" This paper exists to address the questions we frequ…

RT @KlezVirus: [RELEASE] After a little wait, I'm happy to present SilentMoonwalk, a PoC implementation of a TRUE call stack spoofer, resul…

RT @zeropointsecltd: [NEW SHORT COURSE] DevOps for Pentesters

RT @binitamshah: laZzzy : a shellcode loader, developed using different open-source libraries, that demonstrates different execution techni…