MetallicHack

@MetallicHack

Followers
807
Following
3K
Statuses
862

🇨🇵 Cybersecurity engineer enjoying Windows & AD security, DFIR and detection engineering @TheDFIRReport analyst

Joined November 2020
@MetallicHack
MetallicHack
2 days
RT @sixtyvividtails: Is your EDR a dump? Yes it is! cmd /v/c "set R=reg add HKLM\SYSTEM\CurrentControlSet\Control\CrashControl /f /v&!R! C…
5 days
RT @fr0gger_: 📢 New Microsoft Threat Report: "ViewState Code Injection Attacks Using Publicly Disclosed Machine Key…
8 days
RT @33y0re: Today I’m sharing a blog post on the implementation of kernel mode shadow stacks on Windows! This post covers actively debuggin…
9 days
RT @OutflankNL: Virtual fortresses aren’t as invincible as they seem 🏰⚔️. Read about our latest research on using Secure Enclaves in Wind…
12 days
RT @Dinosn: One policy to rule them all
12 days
RT @itswillis: Two new posts from @tiraniddo today: on reviving a memory trapping primitive from his 2021 post.…
14 days
RT @splinter_code: Very interesting post by Microsoft about the internals of the new Admin Protection feature It seems they have patched my…
15 days
RT @jsecurity101: I am happy to announce JonMon2.0 has been published. 2.0 offers a lot of feature updates, as well as stability. More fe…
16 days
RT @hasherezade: In case if you wonder what broke #ProcessHollowing on Windows 11 24H2, I have something for you:
19 days
RT @rad9800: Wrote a short blog post on: - ETW Threat Intelligence generated by SetThreadContext (hardware breakpoints) - Kernel debugging…
23 days
RT @falconforceteam: In our latest blog, we follow Arnau ( on his journey to leverage #WinRM plugins for lateral mov…
26 days
RT @passthehashbrwn: New blog from me on using CLR customizations to improve the OPSEC of your .NET execution harness. This includes a nove…
27 days
RT @Neodyme: Following our #38c3 talk about exploiting security software for privilege escalation, we're excited to kick off a new blog ser…
29 days
RT @_r_netsec: Userland Exec bypassing SELinux's execmem, mprotect, and W^X
1 month
RT @malmoeb: While investigating a true positive Lumma infection [1], I stumbled upon the PowerShell invocation in the image below. Notic…
1 month
RT @CICADA8Research: ▎SpyWare 2.0 🔍 Read our new research and learn about MS UIA technology. You will explore the depths of COM, graphica…
1 month
RT @tccontre18: Excited to share the latest Splunk Threat Research Team blog on the Meduza Stealer! This analysis breaks down the MITRE ATT…
1 month
RT @decoder_it: When it comes to the new Windows 11 feature "Admin Protection" regaining god-mode privileges is a challenge, you can no lo…
1 month
RT @elisalem9: My new article on #Lockbit4 Green. As always, it's a mix between a step-by-step tutorial \ training and a presentation. Some…
1 month
RT @DebugPrivilege: Hi all - happy Sunday! I decided to write up a real troubleshooting case where the associated GPO wouldn't appear in th…