I'm thrilled to announce Fibratus - a modern tool for the Windows kernel tracing and observability built in @golang . Fibratus is the fruit of a lot of development.and research during the past two years. To discover more about Fibratus, head to

RT @impromptum2: A small tribute for fellow Dark Souls II fans. ♥️.#DarkSouls.@VaatiVidya.

RT @impromptum2: Quién más recuerda la música de este increíble juego? 🛡️🗡️.#JRPG #PlayStation

🚀 Fibratus 2.4.0 is out!. I'm thrilled to announce the Fibratus 2.4.0 With over 100 commits, this release brings astonishing performance improvements, 24 new rules, threadpool telemetry and much more. Check the full change log.

RT @akaclandestine: GitHub - rabbitstack/fibratus: Adversary tradecraft detection, protection, and hunting

RT @kuzmica75: Ljudi delite, delite #Banjaluka ajmo za nasu @slavka1771, ajmo 🙏

A short demo of the Eventlog alert sender.

Fibratus 2.3.0 is out!. 🪲𝗥𝗲𝘃𝗮𝗺𝗽𝗲𝗱 𝗬𝗔𝗥𝗔 𝗺𝗲𝗺𝗼𝗿𝘆 𝘀𝗰𝗮𝗻𝗻𝗲𝗿 .🪵𝗘𝘃𝗲𝗻𝘁𝗹𝗼𝗴 𝗮𝗹𝗲𝗿𝘁 𝘀𝗲𝗻𝗱𝗲𝗿.🕵 𝟭𝟬 𝗻𝗲𝘄 𝗱𝗲𝘁𝗲𝗰𝘁𝗶𝗼𝗻 𝗿𝘂𝗹𝗲𝘀.🪪 𝗠𝗦𝗜 𝗰𝗼𝗱𝗲 𝘀𝗶𝗴𝗻𝗶𝗻𝗴.🛡️ 𝗥𝘂𝗹𝗲 𝗹𝗮𝗻𝗴𝘂𝗮𝗴𝗲 𝗳𝗶𝗲𝗹𝗱𝘀.

RT @impromptum2: Hi! More SILENT HILL 2 OST 🌫️.Theme Of Laura (Reprise) composed by @AkiraYamaoka . The Soundtrack Preview inspired me for….

RT @impromptum2: 🔥Dark Souls 3 - Firelink Shrine.(Full video on my YouTube channel).#DarkSouls #fromsoftware #bandainamco .

RT @impromptum2: SILENT HILL 2🔺 - True | Piano Solo (composition by @AkiraYamaoka ) .#silenthill2 #Konami

🎉 Fibratus 2.2.1 is out!. This is a maintenance release with a bunch of small enhancements and bug fixes. Chnagelog: Kudos to @JRdefmain for catching and reporting the 🐛.

RT @impromptum2: Hi! New video from The Legend Of Dragoon(⁠◍⁠•⁠ᴗ⁠•⁠◍⁠)💚.#PlayStation #RPG #GamingVibes . @16bitnost….

- vulnerable/malicious driver detection with loldrivers dataset.- ton of improvements. Full changelog:

🎉 Fibratus 2.2.0 is out!. This marks the start of a new era. I'm refocusing the product strategy towards adversary tradecraft detection and protection. Highlights of this release:.- kernel callstack enrichment.- systray alert sender.- 30 new detection rules.

TIL: If you plant a custom wow64log.dll in System32 directory, the DLL will get loaded into every WoW64 process in the system. You might already knew this. But did you know its signature characteristics are retained from kernel image callback perspective?.

RT @impromptum2: Hi! I did " Super Earth Anthem " Hope you like it :). @helldivers2 @Helldiversmedia . #Helldivers2.

Got it:

post anymore. Any hints?.

To all sec researchers. I'm trying to identify and APT whose initial access consists on delivering a weaponized macro. After execution, the macro will target and terminate the Windows Event Log threads. I recall there was a detailed analysis of this APT, but can't find the blog.