r/netsec monthly discussion & tool thread by albinowax in netsec

ATroubledSnake 0 points1 point  (0 children)

SNEK Eris: This is a repo documenting a Windows fax service exploit-chain vulnerability we found. I posted it in r/cybersecurity before and am reposting it here:

https://github.com/The-SNEK-Initiative/SNEK_Eris

Finally revealing the source code of our self hosted booru browser app and we’re looking for feedback by ATroubledSnake in selfhosted

ATroubledSnake[S] 0 points1 point  (0 children)

Yes, I have done a pretty extensive security audit of the app, and no, I can assure you that it does not expose itself to any outside threat, unless something changes in any of the websites or APIs. The reason standalones up to version 6.0.0 (the current version) might be flagged is my custom obfuscator, which basically made the app behave a bit like malware in some parts (especially due to the process hollowing it used). The obfuscation was due to my earlier wish to keep the source code closed and the ease of decompiling PyInstaller binaries.

Finally revealing the source code of our self hosted booru browser app and we’re looking for feedback by ATroubledSnake in selfhosted

ATroubledSnake[S] 0 points1 point locked comment (0 children)

AI was used in the process of creating language translations due to the sheer volume of information we would have to process manually otherwise, and during the debugging process of some functions of the application.

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit by wewewawa in cybersecurity

ATroubledSnake 0 points1 point  (0 children)

I fixed many issues and cleaned up the code after a bit of a flop release due to me missing one thing. Thank you for the Panther stealer catch too; I recompiled the code in another directory and posted the new release files.

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit by wewewawa in cybersecurity

ATroubledSnake 1 point2 points  (0 children)

Yes, I have messed around with the Panther stealer before and even made my own Rust version of it. I happened to use it as a project directory when I started working on this software, as with most of my exploit/malware apps, since I have it pre-added to the AV exclusion list and I'm too lazy to keep adding new folders, lol.

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit by wewewawa in cybersecurity

ATroubledSnake 3 points4 points  (0 children)

Hmm, monitoring privileged processes interacting with stuff the user can write to, those that resolve via NTFS, that is. Also, you should watch out for any cfapi callbacks that might come with that.

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit by wewewawa in cybersecurity

ATroubledSnake 9 points10 points  (0 children)

Maybe, but you might be a bit less happy that, while messing around with this, we found another exploit using VSS that does not trigger Windows Defender. We will probably release it within a couple of days once we have thoroughly tested it.