Shell32.dll, #44 lolbin
www.hexacorn.com/blog/2025/05...
LOL
This makes me think of when I tried installing FLARE on Windows 11. You can still disable Defender in GPO, but the installer doesn't see it; there's also web protection that breaks installs 🥲
Pretty stoked, finished one of the #DEATHCon2024 threat hunting challenges from a workshop to win swag.
It was a good opportunity to flex:
- initial access / exploitation
- execution
- persistence mechanisms
- exfiltration
While tinkering with SPL for results I needed.
Windows Defender stopping / killing a PowerShell script to emulate APT29
Me trying to have a good time running malware.
Windows Defender:
"How about, no."
Have you ever considered being part of our team? Check out our article written by my colleague Tim about what our team does and what it's like to be part of the Microsoft incident response team. techcommunity.microsoft.com/blog/microso...
I've liked things so far
Reminds me of what Twitter used to be when it was actually good, but with some additional pieces
I've really enjoyed tinkering with my Proxmox server. What's even better is now that I have a public-facing web server proxied through Cloudflare I keep getting notifications of attacks on my network 🥲
Wrote a brief post about Kasm web, really awesome tool to use for creating persistent as well as ephemeral containers
docs.golgothus.tech/other-resear...
Planning to try and use these for DEATHCON, thankfully I made sure to snapshot my VM before the install in case it broke