Staring and clicking around until things magically make sense

Far away from you
Joined January 2018
Blog post detailing Sysmon's file delete event internals and escalation to kernel code execution has been published here: undev.ninja/sysmon-internals…. PoC code uploaded here: github.com/NtRaiseHardError/…. Affected versions: v11.0 and above.
We all know Sysmon has many great features. But did you know, there is a hidden one that allows you to execute code in the kernel? Here's an example that disables lsass.exe's PPL! Many thanks to @SBousseaden for verifying.
Undev Ninja retweeted
Our tool to spot vulnerable code patterns in binary executables (CWEs) just joined the Twitterverse to celebrate the integration of #Ghidra as an available backend in its new release v0.4! Go check it out 😎
Version 0.4 of the cwe_checker was released just a few days ago. Highlight of the release is the new Ghidra backend, which can be used as an alternative to the old BAP backend. Check it out on github.com/fkie-cad/cwe_chec…
Undev Ninja retweeted
my write up for looking-glass box on @RealTryHackMe 0x00jeff.github.io/tryhackme…
Undev Ninja retweeted
My write up for Mr.Robot box on @RealTryHackMe 0x00jeff.github.io/tryhackme…
It's time.
I made my own mini-site/blog to share my research, ideas, etc. :) Let's see if I stick to it :) smelly.wtf/ (note: I tweeted about this yesterday but was having minor technical issues lol shameless retweet)
Undev Ninja retweeted
I made something. :) 0xinfection.github.io/revers… Thanks to @mytechnotalent for all the awesome content!