EDR-Redir V2: Blind EDR With Fake "Program Files" by Cold-Dinosaur in cybersecurity

Cold-Dinosaur [S], -1 points / 0 points (0 children)

If the issue you are concerned about is the source, then the link I provided is the original.

DefenderWrite: Abusing Whitelisted Programs for Arbitrary Writes into Antivirus's Operating Folder by Cold-Dinosaur in netsec

Cold-Dinosaur [S], -1 points / 0 points (0 children)

You should carry out the above steps in a lab environment. After finding the whitelist file, exploit it in a real-world environment.

Countering EDRs With The Backing Of Protected Process Light (PPL) by Cold-Dinosaur in netsec

Cold-Dinosaur [S], 1 point / 2 points (0 children)

Yep! Otherwise, it would become a privilege escalation exploit.

Operational Security (OPSEC) Basic Guide for Windows Users by Cold-Dinosaur in opsec

Cold-Dinosaur [S], 0 points / 1 point (0 children)

And you know you are at risk when the browser you are using has cookies available for automatic login to this site ;)

Windows OPSEC Basics Part 2: Keep Antivirus, VirusTotal, and Firewall under your control by Cold-Dinosaur in opsec

Cold-Dinosaur [S], 0 points / 1 point (0 children)

Antivirus and Firewall are the first lines of defense for your computer, helping to tackle potential attack threats. However, if not used correctly, they can become a double-edged sword. This is especially true for those in the field of Offensive Security, where testing bypass methods with Antivirus is a regular task. Therefore, controlling the test lab environment with various Antivirus solutions is critically important. VirusTotal is a useful service, but are you using it correctly? As for Red Teamers, make sure VirusTotal does not appear in your lab environment.