[Pinned] Arsenal: Bypass EDR’s/XDR’s and make malware analysis harder (Direct Syscalls, Sandbox Bypass, API Hashing, AES Encryption)
Usman Sikander in System Weakness, Apr 1, 2022

Unveiling the Intricacies of AsyncRAT: A deployment in Colombia by the Blind Eagle Cyber Group
Introduction
Usman Sikander, Jan 8

Unveiling the Intricacies of SamSam Ransomware: A Comprehensive Analysis Plus Proactive Threat…
Introduction
Usman Sikander, Nov 23, 2023

Dark Crystel RAT (DCrat)
Detailed Analysis, Multi-Stage
Usman Sikander in System Weakness, Sep 25, 2023

On-Disk Detection: Bypass AV’s/EDR’s using syscalls with legacy instruction, series of instructions…
Hi everyone, today I am going to explain some techniques to bypass AV/EDR’s static as well as dynamic detection. The main focus is to…
Usman Sikander in System Weakness, Apr 11, 2022

EASE POST-EXPLOITATION: Getting elevated reverse shell using DLL Hijacking and Mock Directories
This blog is about the DLL Hijacking and Mock Directories technique to bypass the Windows UAC security feature and get high-level privileged…
Usman Sikander in System Weakness, Mar 24, 2022

AV/EDR Evasion Using Direct System Calls (User-Mode vs Kernel-Mode)
Modern AVs and EDRs use a variety of approaches to accomplish both static and dynamic analysis. They can examine many signatures, such as…
Usman Sikander, Mar 11, 2022

Bypass “Mimikatz” using the Process Injection Technique
Mimikatz is an open-source application that enables users to see and store saved authentication credentials like Kerberos tickets. Benjamin…
Usman Sikander in System Weakness, Feb 24, 2022