SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest credentials (SSH logins and RunAs-supplied logons respectively), enabling attackers to escalate privileges and move laterally across networks.
These tools...
Full Spectrum Event Tracing For Windows Detection In The Kernel Against Rootkits
Sanctum EDR demonstrates a multi-layered approach to detecting and preventing Event Tracing for Windows (ETW) tampering by rootkits, combining kernel-mode monitoring with user-space protections....
SpyAI : Intelligent Malware With Advanced Capabilities
SpyAI is a sophisticated form of malware that leverages advanced technologies to capture and analyze screenshots from entire monitors.
It utilizes Slack as a...
MalDoc In PDF : A Novel Technique For Evading Detection
The cybersecurity community has recently been alerted to a sophisticated attack method known as "MalDoc in PDF," which involves embedding a malicious Microsoft Word...
RunAs-Stealer : A Credential Stealing Tool
RunAs-Stealer is a sophisticated credential stealing tool that employs three distinct techniques to capture sensitive user information: Hooking CreateProcessWithLogonW, Smart Keylogging, and Remote Debugging....
BypassAV : Techniques To Evade Antivirus And EDR Systems
BypassAV refers to the collection of techniques and tools used to bypass antivirus (AV) and Endpoint Detection and Response (EDR) systems.
These security solutions...
NailaoLoader : Hiding Execution Flow via Patching
NailaoLoader employs sophisticated techniques to obscure its execution flow, leveraging Windows Management Instrumentation (WMI) for lateral movement and file transfer.
Threat actors use WMI...
Ransomware Tool Matrix : The Arsenal Of Cyber Defense
The Ransomware Tool Matrix is a valuable repository designed to catalog tools commonly used by ransomware gangs and extortionist groups.
By leveraging this resource,...
BlackBasta Chat : The Inner Workings Of A Notorious Ransomware Group
The recent leak of Black Basta’s internal communications, spanning over 200,000 chat messages, has provided an unprecedented look into the operations and internal dynamics...
LummaC2 Stealer : Unpacking The Threats Of A Marketed ‘Premium’ Malware
LummaC2 is a commodity malware designed as an information stealer, targeting browsers, cryptocurrency wallets, and authentication data.
Marketed as a "premium" infostealer on underground...