Cobalt Strike BOF that utilises AMD's Ryzen Master kernel driver to read and write physical memory. It currently escalates privileges from administrator to SYSTEM. Future goal is to add features such as disabling EDR, disabling ETW TI or dumping LSASS.

RT @0xBoku: 🔪Open-sourcing 💀StringReaper BOF! I've had great success in engagements carving credentials out of remote process memory with…

RT @silentwarble: Another one. It's raining PIC shellcode templates around here. Added to PIC-Library:

@silentwarble Interesting. I published somewhat the same yesterday: Compiles on MacOS using MinGW and directly outputs a x64 PIC file for Windows. Also exposes LoadLibraryA and GetProcAddress.

RT @5mukx: An unexpected journey into Microsoft Defender's signature World:

@_xpn_ @TheXC3LL Yeah, same here! Love it as well.

@mrgretzky @TheXC3LL Which Herman Miller chair do you have?

RT @netbiosX: EDRPrison - Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry

RT @nullcon: 🛠️ Malware that sleeps, works, and never stays! 😴 Learn how Kong Loader uses sleep masks to make malware invisible in memory…

@x_Noemiep @Tijnoz Ik moet zeggen, ik was wel heel blij toen de koerier binnen liep! 🤣🍕

@mrgretzky This looks great @mrgretzky! 😀

I will be presenting at @nullcon 2025! 🇮🇳 The hidden ART of rolling shellcode decryption. A dive into a new shellcode loading technique!

RT @AmberWolfSec: Today, AmberWolf released two blog posts and our tool "NachoVPN" to target vulnerabilities in major VPNs, including CVE-2…

@selmarsmit @x_Noemiep @Tijnoz Mijn dag ziet er als volgt uit. 10:00 tot 20:00 Wachten tot Magnet Axiom klaar is met het parsen van een disk image 😂. En dan rond 20:00 te horen krijgen van @Tijnoz dat ik aan het begin ergens een optie fout heb gezet 🙈.

@x_Noemiep @thelion_rasco @selmarsmit Ik had dit oprecht niet in de gaten. Sorry @selmarsmit 🤣.

@selmarsmit @Dymff Als het managed laptops zijn worden die instellingen ook vaak weer overschreven, dus zo’n mouse jiggler is dan inderdaad de minst risicovolle manier.

@mrgretzky @_xpn_ @Hexacorn ➕1, on this one! I miss Twitter how it used to be.

@_xpn_ Your talk was awesome!

@Stef_van_Dop Me! 🤣 No no, just kidding. I think you had great Dutch speakers on stage this year already! I think most of the people presenting at RedTreat are not Dutch.

@_JohnHammond @github @GitHubSecurity Received such an issue/email myself as well. I thought it was smart that they deleted the issue and only the email remained. But apparently that was not on purpose?