

Lsass Minidump file seen as Malicious by McAfee AV
Reading Time: 3 minutesThe other day, I was shadowing a colleague of me who was doing a red team. The client was running McAfee AV. While the reputation of that AV isn’t the best, it got a bit in the way for a few minutes. After doing a lateral movement, my...Small list of Windows signed drivers which have vulnerability issues
Reading Time: < 1 minutesIntel Network Adapter Diagnostic Driver of version 1.03.0.7;RTCore64 driver from MSI Afterburner of version 4.6.2 build 15658 and below;Gdrv driver from various Gigabyte TOOLS of undefined version;ATSZIO64 driver from ASUSTeK WinFlash...Zloader Malicious Excel File analysis
Reading Time: 5 minutesI got given by a friend a malicious Excel file that he analyzed as I’m eager to learn more I’m not familiar with MS-Office forensic techniques, hencewhy I found this interesting to look into during my evenings. First, when uploading...Rename Functions for AV signature evading
Reading Time: < 1 minute For academic purpose only.The used of some functions can trigger singature based Anti Virus detection. Example : SystemFunction032 or SamEnumerateUsersInDomain used in same particular programs.in this example let’s try to hide the...Protected: Windows Defender ByPass
Password Protected
To view this protected post, enter the password below:
Recent Comments