u/netbiosX

Fake Microsoft Teams Campaign Delivers ValleyRAT via NSIS Installer and DLL Sideloading

▲ 1 r/purpleteamsec

Fake Microsoft Teams Campaign Delivers ValleyRAT via NSIS Installer and DLL Sideloading

labs.k7computing.com

u/netbiosX — 6 hours ago

▲ 5 r/purpleteamsec

Credential Access Detection Beyond LSASS

training.ridgelinecyber.com

u/netbiosX — 1 day ago

▲ 4 r/purpleteamsec

GhostTree: Unveiling Path Manipulation Techniques to Bypass Windows Security

u/netbiosX — 2 days ago

▲ 1 r/purpleteamsec

How Storm-2949 turned a compromised identity into a cloud-wide breach

u/netbiosX — 2 days ago

▲ 3 r/purpleteamsec

Common Initial Access Techniques

ntrunr.github.io

u/netbiosX — 3 days ago

▲ 4 r/purpleteamsec

Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools

unit42.paloaltonetworks.com

u/netbiosX — 4 days ago

▲ 4 r/purpleteamsec

Novel Evilginx Frontend - Lowering the barrier for token theft reuse

u/netbiosX — 6 days ago

▲ 1 r/purpleteamsec

Kazuar: Anatomy of a nation-state botnet

u/netbiosX — 7 days ago

▲ 3 r/purpleteamsec

Threat Analysis: Backdoored Electron Apps Evading Defenses

u/netbiosX — 8 days ago

▲ 47 r/pwnhub+4 crossposts

A stealth approach to Process Injection - EntryPoint Hijacking

u/netbiosX — 8 days ago

▲ 4 r/purpleteamsec

magnetar - A EDR bypassing shellcode loader framework for Windows 10 64bit, featuring ETW/AMSI patching, Tartarus Gate, process protection and more

u/netbiosX — 9 days ago

▲ 5 r/purpleteamsec

Detecting Remote Thread Creation with Windows Driver

u/netbiosX — 10 days ago

▲ 1 r/purpleteamsec

Detection Engineering Best Practices: Performance, Readability & Maintenance

u/netbiosX — 10 days ago

▲ 2 r/purpleteamsec

EtwWatcher

jonny-johnson.medium.com

u/netbiosX — 10 days ago

▲ 2 r/purpleteamsec

Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access

cloud.google.com

u/netbiosX — 10 days ago

▲ 7 r/purpleteamsec

Unmanaged PowerShell Execution: Hunting Beyond powershell.exe

u/netbiosX — 11 days ago

▲ 4 r/purpleteamsec

Purple Team Exercise Framework v4 - AI/ML Threat Guidance, Cloud & Identity Coverage, Continuous Purple Teaming and More

u/netbiosX — 12 days ago

▲ 4 r/purpleteamsec

Windows Processes DLLHost

research.nasbench.dev

u/netbiosX — 13 days ago

▲ 3 r/purpleteamsec

PositiveIntent - Evasive loader for .NET Framework assemblies

u/netbiosX — 14 days ago

▲ 4 r/purpleteamsec

The Accidental C2: Exploring Dev Tunnels for Remote Access

u/netbiosX — 15 days ago