Here it is: my research on Alternate Syscalls for Windows 11! There are still a few other facets to explore, but this is stable and PatchGuard resistant (from my tests!). #blueteam #redteam #computing #securityresearch #cyber #infosec #cybersec #malware.

And people like Java?!?

Got my hands on some active *alleged* Iranian spyware, gonna maybe write something short up about it :) not too complex as reversing this stuff isn't my forte, more of a side quest.

Also interesting it’s in a /Work folder, I wonder what else is on that drive 👀.

First time playing with BN's debugger, not sure why I have never done this before. Loving the Windbg style syntax. I find it hard to replace x64dbg's interface tho :(. Gonna force myself to use this for a while, see if it clicks

PANIC OVER, it opens the file via NtCreateFile. I started questioning reality for a moment.

Maybe its NtCreateFile.

Hunting something cool, interestingly, scanning a file in defender doesn't go through NtOpenFile. (ignore the SCAN DETECTED, my println's are deceitful). The hunt continues.

That feeling when you reduce a complex function by half and improve how you reason with it. Then the subsequent feeling thinking: y r u so dumb

Okay @Microsoft @msftsecurity @MSFTResearch #RIFT is pretty damn cool. But can it be ported to ghidra for us poor nerds who can’t afford IDA Pro 🤓.

RT @d1rkmtr: Thinking about releasing initial access (bypass MotW & SmartScreen) framework just for bros, not that commercial free version….

RT @vxunderground: Dear Red Team nerds,. If you're curious what a successful and serious malware campaign looks like (if you want to make a….

RT @TheHackersNews: 🔍 UPDATE: The Havoc backdoor used by Iranian hackers is far more advanced than we thought. Injected via conhost.dll, i….

RT @5mukx: Doppelganger: An Advanced LSASS Dumper with Process Cloning.

The more I use Axum, the more I like it. About half way through v1.0 of my project that I'll open source. I have updates planned for v1.1, as well as through 2.0, 3.0 and 4.0. Keen to get a mvp out. but, I also want enough for it to be useful. Cant wait to share!!.

I was looking forward to using my gorgeous new (Spanish designed) garlic grater, but how the hell are you supposed to get the garlic out of the grooves it just smushes 😭😭😭

Yoooo nice work!.

Been re-cookin' an old project from about 3 years ago recently. Originally written in Go and C - rewriting in Rust. Got a roadmap for various releases - thinking of open sourcing it when the first major milestone is met. Or maybe I wait for a more complete product. Idk 🤷‍♂️.

Sorry, what? std::ops::Yeet ???

RT @xacone_: If you're exploiting a driver offering R/W access to physical memory on Win11 24H2, you can leverage this simple trick to circ….