Performing DLL Hijacking
In this blog, we'll learn about the concept of DLL hijacking, a technique that attackers and pentesters alike use to gain unauthorized access to the system. We will learn what DLLs (Dynamic Link Libraries) are and how the way Windows loads them can be exploited, along with practical implications for how attackers can leverage them.
Mar 11 | 10 min read


APT42: Operations, IOCs, Tactics, Detection Strategies
APT42 emulation strategy, current IOCs, TTPs, and detection guidance.
Mar 9 | 7 min read


APT29 (Midnight Blizzard): Operations, IOCs, Tactics, Detection Strategies
APT29/Midnight Blizzard emulation strategy, current IOCs, TTPs, and detection guidance for the Russian SVR-backed threat actor.
Mar 7 | 5 min read


The Only JWT Security Guide You Will Ever Need
The ultimate guide to breaking JWTs. JWTs are primarily used for authentication and authorization almost everywhere on the modern web. They can have security vulnerabilities if configured or implemented improperly, potentially causing havoc. Understanding how JWTs work and how they might fail is therefore critical when securing systems that rely on them.
Sep 24, 2025 | 17 min read


Stealth Syscall Execution: Bypassing ETW, Sysmon, and EDR Detection
Stealth Syscalls: Because Life's Too Short to Argue with an Angry EDR! Introduction to Stealth Syscalls System calls (syscalls) serve as the bridge between user-mode processes and the Windows kernel. They facilitate crucial tasks such as memory management, file operations, and process creation. Security tools like Event Tracing for Windows (ETW), Sysmon, and debuggers such as x64dbg and WinDbg actively monitor these interactions to detect malicious or anomalous syscall execut
Apr 10, 2025 | 6 min read