Soumyani1 (@reveng007)
Followers: 1K | Following: 6K | Media: 37 | Statuses: 3K
Content absorber | CRTO | CRTP | @BlackHatEvents Asia, USA, SecTor, Europe 2024 Arsenal and @WWHackinFest 2024 Presenter
seed
Joined July 2020
Tried against Sophos XDR. It successfully Evaded! Thanks to @Sh0ckFR (for letting me know about the Trial Version of this XDR) Also thanks to @SEKTOR7net (For letting me know about /MT compiler flag. How it statically links CRT functions together in a binary)
Introducing DarkWidow (Dropper/PostExploitation Toolkit): Capabilities: 1. Indirect Dynamic Syscall 2. SSN + Syscall address sorting via Modified TartarusGate approach (Other capabilities are in the comments...) https://t.co/7hfk9U5D9h
Automating COM/DCOM vulnerability research
incendium.rocks
Diving into COM/DCOM and how to automate vulnerability research using a fuzzing approach.
Dynamic binary instrumentation (DBI) on Windows x86-64 with DynamoRIO https://t.co/OlRuXSPWu1
I might be DUMB but I was today years old when I found out that when the CLR allocates memory for IL, it has RWX permissions which means you can do this:
Releasing project WILDBEAST: https://t.co/AJm8TDWe2b Nothing novel here, just one of my personal setups for capability development using VS Code and GCC. (btw: I document all useful compiler switches and contrary to popular belief, -fPIC does bugger all with MinGW)
github.com
Windows capability development using GCC and GNU Make - winterknife/WILDBEAST
Last month, @d_tranman and I gave a talk @MCTTP_Con called "COM to the Darkside" focusing on COM/DCOM cross-session and fileless lateral movement tradecraft. Check out the slides here: https://t.co/1KNln1ldzF Recording should be released soon.
github.com
Slides and resources from MCTTP 2025 Talk. Contribute to bohops/COM-to-the-Darkside development by creating an account on GitHub.
Amazon S3 Bucket Name Squatting By Costas Kourmpoglou What happens when AWS customers delete S3 buckets without considering name reuse? Costas Kourmpoglou dives into S3 bucket name squatting, a subtle but potent threat vector that can lead to data leaks, broken apps, and even
A bit of a different post for me, but here's a hand curated list of Linux kernel cmdline parameters for system hardening: https://t.co/nWOkVkh6YK
lampreylabs.com
A hand-curated list of Linux kernel command-line parameters for hardening the kernel against exploitation on desktop platforms.
Completed another CTF by Wiz, "The Ultimate Cloud Security Championship 12 Months X 12 Challenges". This CTF box tells us that even if strong security measures like "AWS data perimeters" are configured, it can be exploited if other AWS service configurations are misconfigured. We
linkedin.com
After watching this video, you will understand why the increased cloud adoption rate has led to an increase in cloud attacks as well as the most common cloud services being exploited in the wild.
Here I am, as promised, with the 5 remaining scenarios. Scenarios: 1. "Bulk Remote Sessions Across Multiple Instances via SSM StartSession" Detection 2. "AWS Security Group Public Exposure of SSH Port 22" Detection 3. "Data Theft via Shared AMI" Detection 4. "Data Theft via Shared
I have created a Github repo targeting AWS Attack Simulation and Detection. Followed these AWS challenges https://t.co/TZhIEXoyaa (Thanks to @bohops for letting me know about this website for getting introductory hands on for log analysis) Scenarios: 1. "AWS Delete DNS
Fun little IOC in impacket-smbserver's Negotiate Protocol Response
New post out on https://t.co/yE0oHW7n7G!! All about writing actually useful incident response playbooks, through the lens of applied detection engineering. Based on cool stuff we're doing in our SOC https://t.co/SpfJJ0wIg2
detect.fyi
Threat Detection Engineering and DFIR Insights
New blog post coming soon of me analyzing a deadlock inside LSASS :P
Browser history can play a critical role in incident response. But retrieving raw artifacts from endpoints is often slow, manual, and inconsistent. Get inspiration on how to transform your own incident response strategy with a scalable, automated workflow from our newsletter
tines.com
Sep 24 2025, 10:00 AM • US Eastern Time • Learn how Booking.com turned their security challenges into a winning incident response workflow.
Been a long time since I've written something for my blog. Recently got inspired to break down how a very basic evasion attack on a machine learning model might work. Check it out https://t.co/JOnvSPztev
steve-s.gitbook.io
An example evasion attack against (probably) the worst machine learning classifier of all time
I put a BOF loader in a BOF so that you can run BOFs from a BOF. If you've had issues getting a BOF to work with CS's BOF loader in the past, you now have a drop-in way to get a little bit more compatibility. https://t.co/x6neBpHyIr
github.com
A BOF that's a BOF Loader. Contribute to 0xTriboulet/InlineExecuteEx development by creating an account on GitHub.