Published a blog on my previous exploit.
I've also discovered a privilege escalation vulnerability affecting MSI, Lenovo, ASUS, Alienware, Huawei laptops, and more. The vulnerability has been confirmed; stay tuned for the write-up once it's patched!
hackandhide.com/from-dos-to-pr…
And since it's an arbitrary file deletion, we can easily use it to exploit the MSI installer rollback to achieve privilege escalation :)
github.com/ZeroMemoryEx/I…
It’s been a while since I posted any updates here, so here’s a recap. I’ve fixed errors and memory leaks, improved error handling, added file restriction and integrity bypass features, and implemented a driver swap for disk and memory. For more details, check
github.com/ZeroMemoryEx/C…
Tired of EDRs and AVs continuously flagging your executables? This program terminates protected anti-malware processes by exploiting the GMER driver.
github.com/ZeroMemoryEx/B…
In this week’s red team tip, I will show how to use @ZeroMemoryEx AMSI Killer to patch AMSI and allow Invoke-Mimikatz to run. This attack does get detected by Windows Defender, but it’s too late as memory is already patched. #hacking #redteam youtu.be/QFp3ybRKr7Q
Lazarus-Tactic: a program based on the tactic of APT38, North Korea-backed hackers, used in targeting security researchers with a malicious Visual Studio project file (vcxproj) to steal their 0days.
github.com/ZeroMemoryEx/A…
Just published a new blog post tinyurl.com/4ua23wzv! How can you hook system calls in the kernel on Windows 11 22H2, how does Avast Free Antivirus use it, and how can you bypass Avast’s self-defense in 10 lines of PowerShell code right now? All answers are provided in the article.
The world of ransomware is full of surprises: LockBit allegedly paid out their first “bug bounty” to someone who highlighted decryption flaws in the LB3 ESXi variant. The flaw made it possible to bypass having to pay the ransom for a key.
Arbitrary read/write -> arbitrary kernel-mode API calls with HVCI and Kernel CFG enabled :) - in this case a POC to invoke ZwOpenProcess on the System process in VTL 0. I will blog on this soon!
👀 "This is essentially a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings)." github.com/Dec0ne/KrbRela…
Unable to extract credentials via DPAPI or Mimikatz? Don't worry, Microsoft has got your back. Just use 'rundll32 keymgr.dll, KRShowKeyMgr' to extract all the stored passwords on the host, be it a target server, FTP or Chrome's HTTP creds; Microsoft has you covered. #redteam