Pinned. Published in System Weakness: "Arsenal: Bypass EDR's/XDR's and make malware analysis harder (Direct Syscalls, Sandbox Bypass, API Hashing, AES Encryption)". Apr 1, 2022.
Published in System Weakness: "BYOVD A Kernel Attack: Stealthy Threat to Endpoint Security". Introduction. Aug 9.
Published in System Weakness: "PEB Walk: Avoid API calls inspection in IAT by analyst and bypass static detection of…". Summary. Jul 26.
Published in OSINT Team: "Arsenal 2.0: Elevating Malware Stealth Tactics to bypass static detection". Note: This blog is an extension of my previous post, "Arsenal: Bypass EDR's/XDR's and make malware analysis harder." In this follow-up, I… Jul 26.
Published in OSINT Team: "Unveiling the Intricacies of AsyncRAT: A deployment in Colombia by the Blind Eagle Cyber Group". Introduction. Jan 8.
Published in OSINT Team: "Unveiling the Intricacies of SamSam Ransomware: A Comprehensive Analysis Plus Proactive Threat…". Introduction. Nov 23, 2023.
Published in System Weakness: "Dark Crystal RAT (DCRat)". Detailed Analysis. Multi-Stage. Sep 25, 2023.
Published in System Weakness: "On-Disk Detection: Bypass AV's/EDR's using syscalls with legacy instruction, series of instructions…". Hi everyone, today I am going to explain some techniques to bypass AV/EDR's static as well as dynamic detection. The main focus is to… Apr 11, 2022.
Published in System Weakness: "EASE POST-EXPLOITATION: Getting elevated reverse shell using DLL Hijacking and Mock Directories". This blog is about the DLL Hijacking and Mock Directories technique to bypass the Windows UAC security feature and get high-level privileged… Mar 24, 2022.
Published in OSINT Team: "AV/EDR Evasion Using Direct System Calls (User-Mode vs Kernel-Mode)". Modern AVs and EDRs use a variety of approaches to accomplish both static and dynamic analysis. They can examine many signatures, such as… Mar 11, 2022.