-
Hi @S4ntiagoP ,
The werfault technique seems cool and has some potential :)
However, I ran it on a Windows 1909 and I got an empty lsass dump:
![image](https://user-images.githubusercontent.…
-
Original release date: October 4, 2022
### Summary
**Actions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity:**
• Enforce multifactor authentication (MFA) on all user acc…
-
Original release date: September 6, 2022
### Summary
**Actions to take today to mitigate cyber threats from ransomware:**
• Prioritize and remediate [known exploited vulnerabilities](https://www.…
-
Original release date: December 1, 2022
### Summary
**Actions to take today to mitigate cyber threats from ransomware:**
• Prioritize remediating [known exploited vulnerabilities](https://www.cis…
-
Original release date: November 17, 2022
### Summary
**Actions to Take Today to Mitigate Cyber Threats from Ransomware:**
• Prioritize remediating [known exploited vulnerabilities](https://www.ci…
-
So every payload is a .bin for me except the DLL, which doesn't work for me.
Don't know what I'm doing wrong. Installed on Kali, changed paths, loaded cna, don't know what else to do.
[screenshots.do…
-
Hi
For AV/EDR evasion
AMSI bypass: I have tested with PowerShell.exe and amsi.dll!AmsiScanBuffer and
I read src/InstallStager/Unhook.cs and
I read: r77api.h for both the C# and C…
-
This is the error I get when trying to run 'python dettect.py generic -ds'
```
Traceback (most recent call last):
File "dettect.py", line 353, in
_menu(_init_menu())
File "dettect.py",…
```
-
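## Removing Windows Hooks
EDR hooks certain important functions so that a call to one of them goes to the EDR first and jumps back to the original function only after it passes inspection.
![image](https://user-images.githubusercontent.com/18695984/119229010-6b780800-bb48-11eb-9374-36b6e5ee857d.png)
One solution is to re-traverse the `Ntdll IAT` to find the required functions,…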
-
Hi!
When I load your provided `.o` file it loads & works fine:
```
[14:43:03] ========== Running 'BEACON_RDLL_GENERATE' for DLL resources/beacon.x64.dll with architecture x64 ========== at rdll…