You are here: www.atredis.com

bohops.com
Introduction: Last year, I blogged about Investigating .NET CLR Usage Log Tampering Techniques For EDR Evasion. In that part 1 post, we covered: The purpose of .NET Usage Logs and when they are created; How Usage Logs are used to detect suspicious activity; Several mechanisms for tampering with Usage Logs to avoid log creation and...

gebir.ge
[AI summary] The provided text describes a detailed process of exploiting a Windows system through a REST API endpoint, leveraging DLL hijacking and dynamic code execution. The user outlines the steps taken to gain access, including crafting malicious DLLs, using reflection to load assemblies, and executing commands via PowerShell. The text concludes with a reflection on the learning experience and resources used.

m417z.com
This is a write-up of a vulnerability that I discovered in Windows. The vulnerability was patched in December's Patch Tuesday, and the CVE assigned to it is CVE-2023-36003. The vulnerability allows a non-elevated process to inject a DLL into an elevated or otherwise inaccessible process, allowing for privilege escalation. The vulnerability is caused by a lack of security checks in the InitializeXamlDiagnosticsEx API, which is used for inspecting applications that use Extensible Application Markup Language (XAML) for their UI. XAML is the recommended way to build user interfaces in new Windows applications, and is used by more and more built-in applications, including Task Manager and Windows Terminal.

www.cybereason.com
Two critical vulnerabilities, tracked as CVE-2025-53770 and CVE-2025-53771, have been discovered in on-premise Microsoft SharePoint.