Explore >> Select a destination


You are here

www.atredis.com
m417z.com
8.8 parsecs away

This is a write-up of a vulnerability that I discovered in Windows. The vulnerability was patched in December's Patch Tuesday, and the CVE assigned to it is CVE-2023-36003. The vulnerability allows a non-elevated process to inject a DLL into an elevated or otherwise inaccessible process, allowing for privilege escalation. The vulnerability is caused by a lack of security checks in the InitializeXamlDiagnosticsEx API, which is used for inspecting applications that use Extensible Application Markup Language (XAML) for their UI. XAML is the recommended way to build user interfaces in new Windows applications, and is used by more and more built-in applications, including Task Manager and Windows Terminal.

bohops.com
13.7 parsecs away

Introduction: Last year, I blogged about Investigating .NET CLR Usage Log Tampering Techniques For EDR Evasion. In that part 1 post, we covered: the purpose of .NET Usage Logs and when they are created; how Usage Logs are used to detect suspicious activity; several mechanisms for tampering with Usage Logs to avoid log creation and...

taeluralexis.com
11.1 parsecs away

We'll target a network comprising 3 machines, leveraging CVE exploits, pivoting, code obfuscation techniques, and AV bypass strategies.

www.uptycs.com
27.1 parsecs away
