Explore >> Select a destination

You are here

 www.khyrenz.com
Updated again! Automated USB artefact parsing from the Registry and Event Log
| | port139.hatenablog.com
SANS?????????? ??????? (3) - @port139 Blog
35.6 parsecs away

Travel
| | ????????????????????????????????????????????????????????????????????????????????????????????????????????? RedLine??????????????PID 840???cmd.exe?????????????????MIRAgent.exe???????????????????? MIRAgent?Mandiant????????????????CMD????????????????? ?????CMD.EXE????????????????????????????????????????...
| | www.hexacorn.com
Beyond good ol' Run key, Part 52 | Hexacorn
15.2 parsecs away

Travel
| |
| | www.geekrant.org
Windows 10 close desktop: default action | Geek Rant dot org
8.3 parsecs away

Travel
| |
| | bohops.com
COM XSL Transformation: Bypassing Microsoft Application Control Solutions (CVE-2018-8492) - bohops
122.5 parsecs away

Travel
| Introduction Greetings, Everyone! It has been several months since I've blogged, so it seems fitting to start the New Year off with a post about two topics that I thoroughly enjoy exploring: Application Control/Application Whitelisting (AWL) and the Component Object Model (COM). As the title suggests, I stumbled upon a technique for bypassing Microsoft Application...