
Uriel Kosayev
@MalFuzzer
Author of MAoS & Antivirus Bypass Techniques | Cybersecurity Researcher | Keynote Speaker | Co-Founder @TrainSec Academy
Walking this world with God
Joined December 2017
Brand new 40-hour EDR Internals: Research & Development live workshop with my friend @zodiacon. Starts 23 Oct 2025. Early-bird $1,450 ends 30 Sep. Details: #EDRInternals #KernelDevelopment #ReverseEngineering #CyberSecurityTraining #MalwareAnalysis
trainsec.net
This hands-on workshop is designed to give cybersecurity professionals, malware researchers, and detection engineers a rare opportunity to explore how modern Endpoint Detection and Response (EDR)...
RT @Bl4ckShad3: New research alert, Phishing as a Service - Abuse Azure Apps to Phish the Tenant. While researching Azure App Permissions…
medium.com
Azure app registration utilizes a dedicated service principal for each app, enabling the application to interact with APIs and Azure…
It's truly amazing and inspiring to receive such feedback from you all ❤️
Win a FREE seat to our exclusive **EDR Internals, Research & Development** live online workshop! Dive deep into EDR systems with expert-led training. Follow, like & share this post to enter! Don't miss out - secure your spot now! #Cybersecurity
RT @azuregiubleanu: @TrainSec I really enjoy Pavel and Uriel trainings. Security is an interest of mine and I always strive to learn more.
RT @SubZero0x9: @TrainSec Having bought and read Windows System Programming and Windows Native Programming book by @zodiacon, I can vouch…
RT @Idov31: I'm happy to finally release NovaHypervisor! NovaHypervisor is a defensive hypervisor with the goal of protecting AV/EDR vendor…
github.com
NovaHypervisor is a defensive x64 Intel host based hypervisor. The goal of this project is to protect against kernel based attacks (either via Bring Your Own Vulnerable Driver (BYOVD) or other mean...
Thanks to the first ones who registered! Make sure not to miss the opportunity to grab the early bird price. Have a great weekend all! ❤️
RT @Bl4ckShad3: While researching in Azure with my partner @IdanLerman we found some cool misconfiguration in Azure role condition that ca…
medium.com
When a user assigns an administrative role to other users or themselves, some conditions may be created. When assigning a new owner with…
Following of my good family matters I had to take some time off, but next week I'm continuing with the book, currently I have 218 pages of pure reversing. #MalwareAnalysis #ReverseEngineering #CyberSecurity #InfoSec #MalwareResearch #DFIR #MAoS #TrainSec
COMING SOON. After years of real-world malware dissections, offensive operations, and late-night reverse engineering battles, I'm finally putting it all into one place. MAoS - Malware Analysis on Steroids. This isn't another theoretical guide. It's raw, practical, and
Simple yet deadly @TheDFIRReport. The use of RDP password spray and NirSoft for credential harvesting… What more can be said?
New @TheDFIRReport. Hide Your RDP: Password Spray Leads to RansomHub Deployment.
This is exactly why in some of my red team engagements I wrote WSL-based malware that did everything from Discovery to Impact (including info stealing and Ransomware activity). No EDR/AV could introspect it as they don't even try to. #redteam #maldev
A teammate of mine worked on an interesting incident where the attackers connected to the backup server via RDP, launched the Chrome browser, and searched on Google for "VirtualBox". The VirtualBox installer was then downloaded to the home directory of the compromised user:
We are at war, love you all ❤️.