AceLdr is a position-independent reflective loader for Cobalt Strike. Zero results from Hunt-Sleeping-Beacons, BeaconHunter, BeaconEye, Patriot, Moneta, PE-sieve, or MalMemDetect.
Import a single CNA script before generating shellcode.
Creates a new heap for any allocations from Beacon and encrypts entries before sleep.
Changes the memory containing CS executable code to non-executable and encrypts it (FOLIAGE).
Certain WinAPI calls are executed with a spoofed return address (InternetConnectA, NtWaitForSingleObject, RtlAllocateHeap).
Delayed execution using WaitForSingleObjectEx.
All encryption performed with SystemFunction032.
A newly disclosed Android vulnerability is making noise for a good reason. Researchers showed that…
In MySQL Server 5.5 and earlier versions, the MyISAM was the default storage engine. So,…
A newly disclosed vulnerability in Microsoft Authenticator could expose one time sign in codes or…
Modrinth is a modern platform that’s rapidly changing the landscape of Minecraft modding, providing an…
A new, highly sophisticated malware campaign named BlackSanta has emerged, primarily targeting HR and recruitment…
Perplexity has unveiled an exciting new feature, Personal Computer, which allows AI agents to seamlessly…