-
|Wazuh version|Component|Install type|
|---|---|---|
| v3.11.1 | EventChannel | win agent |

When we generate eventChannel alerts, we find extra bars in the `processName` field. When that informat…
-
Hey @dmacvicar!
It looks like the status change of `running` doesn't result in the machine being shut down (gracefully) or started up.
https://github.com/dmacvicar/terraform-provider-libvirt/blo…
-
When explorer's shell restarts or opens with retrobar active, explorer crashes (making a crash loop of explorer)
Whatever this program does to keep the taskbar inactive in normal explorer seems to be…
-
msf> use exploit/windows/local/ms13_053_schlamperei
================================================================
This module leverages a kernel pool overflow in Win32k which allows local privi…
-
Investigate problems in these samples, solve them, and add regression tests: [samples.zip](https://github.com/avast-tl/retdec-idaplugin/files/1674405/samples.zip) (MALWARE!).
`89442e72227b209b7fcbe4…
-
post/windows/manage/enable_rdp.rb
https://github.com/rapid7/metasploit-framework/blob/adb275520b9552d6760eae50d0cd8074976d215b/modules/post/windows/manage/enable_rdp.rb#L142
hide_user_key error
![b…
-
I've come across this multiple times now, apparently because the Windows image fetched Windows updates before provisioning. Some Windows updates (fetched during first startup after fresh sysprep) seem to d…
abbbi updated
10 months ago
-
- [x] processes - List process name/ID, parent ID, start/end time, duration, session, user information
- [x] tasks - List Scheduled Tasks events
- [x] gpos - List GPO processing information
- [x] w…
-
I was exploring a vt sbies, and yeah, one of them deploys a thing called RepetitiveProcess (to bypass the count check on how many programs are running). You can check godefender and maybe implement it.
PoC:
…
-
Ran it with admin priv., then the system is blackout. Before that, I saw a message saying like "trying to replace dwm.exe failed".
Nothing left but a cursor when you move the mouse. CTRL + ALT + DELET…