⚠️ Entry 7 in the Windows API Abuse Atlas!! Hackers love abusing NtDeviceIoControlFile to sneak past defenses. I’m here to expose those tricks and help build stronger shields 🛡️. Actively looking for new opportunities 🔍 and eager to collaborate 🤝.

I’ve been building out the Windows API Abuse Atlas, a project I started to document how lesser-known Windows APIs are abused by attackers. The latest entry breaks down NtSetInformationThread and its use in anti-debugging. Also looking for my next role.

Check out my latest article: 🚩 EtwEventWrite Patching: One Way Attackers Blind Windows Defenders 🚩 via @LinkedIn.

RT @jukelennings: Someone is using Evilginx to target customers of Onfido, part of Entrust, with a malicious Google advert that comes above….

RT @vinopaljiri: New CP<r> research is out! 😊.Breaking Boundaries: Investigating Vulnerable Drivers and Mitigating Risks 🔎. Very excited ab….

RT @threatintel: RansomHub has quickly grown to become one of the largest ransomware operations mounting attacks. Find out why. https://t.c….

RT @BSidesCharm: Embark on an epic journey with @DanaBehling in "The Fellowship of the Ring0" to identify vulnerable drivers and quickly &….

So excited!.

RT @cyb3rops: YARA v4.4 has been released by @plusvic . it contains .- several bug fixes, most of them in the modules.- a performance tweak….

Hunting Vulnerable Kernel Drivers . Awesome work with excellent detail on how to find vulnerabilities in Windows drivers.

RT @virusbtn: Last week VMware researchers wrote about LummaStealer, a Malware-as-a-Service (MaaS) that is sold widely across numerous Dark….

RT @M_haggis: 🚀 Introducing ⭐️LOLDrivers 2.0 ⭐️! .A milestone release that enhances user experience, threat detection, and much more. Check….

RT @bbaskin: I'm extremely excited to present at Black Hat Arsenal the new rewrite and upgrades to Noriben. I last presented it there *8* y….

RT @M_haggis: A great add to the #LOLDrivers project! Thank you @cyb3rops !

RT @BSidesSATX: Starting at 2pm on 6/10, we have Dana Behling w/"Driving Your Own Vulnerability: How to Navigate the Road of BYOD Attacks",….

RT @infosecb: I’m excited to kick the morning off by announcing the release of 🍎 Living Off the Orchard: macOS Binaries (LOOBins)!. https:/….

RT @yarden_shafir: 170 of the drivers load with the most recent HVCI driver blocklist. Do with this information wha….

I signed up for the 6th Annual Monster Dash 10k 2023 on Oct 29, 2023!

Bring Your Own Backdoor: How Vulnerable Drivers Let Hackers In

RT @M_haggis: Introducing the Living Off The Land Drivers (LOLDrivers) project, a crucial resource that consolidates vulnerable and malicio….