by frank | Jul 31, 2023 | AV, Palo Alto, Red team, Security
Reading Time: < 1 minutecyvrfsfd.sys : Palo Alto Networks cyvrlpc.sys : Palo Alto Networks tedrdrv.sys : Palo Alto Networks cyvrmtgn.sys : Palo Alto Networks cyverak.sys : cyvera, Palo Alto Networks tedrpers-7.???.sys : Palo Alto Networks cyinjct.dll : Palo Alto...
by frank | Jul 7, 2023 | Blue Team, Red team, Security, Windows
Reading Time: 2 minutesLast few days, I’ve been playing with the WFP componant of Windows. WFP = Windows Filtering platform Many informations blogs are existing like the great one from Pavel who really deeped dive into it which I recommand to read Introduction...
by frank | Oct 24, 2022 | Palo Alto, Red team, Security
Reading Time: 2 minutesSince Mr. D0x post on XDR : https://twitter.com/mrd0x/status/1514318257112637440 things have improved. https://mrd0x.com/cortex-xdr-analysis-and-bypass/ Palo Alto has introduced an cipher to crypt the techsupport file. Password to be calculated...
by frank | Mar 11, 2022 | Blue Team, Red team, Security, Windows
Reading Time: 3 minutesGithub repo for the tool of Antonio Cocomazzi @splinter_code and Andrea Pierini @decoder_it : https://github.com/antonioCoco/RemotePotato0 Potato what ? In the last few years, we saw tools likes RottenPotato, RottenPotatoN, SweetPotato, Juicy...
by frank | Jan 24, 2022 | Blue Team, Red team, Security, Windows
Reading Time: 6 minutesIn this post, I will explore the RBCD WebClient attack which has been described in many tweets and other forums, but I wanted to understand the main intricasis as I was learning it during a pentest engagement I had the chance to work on. I...
by frank | Jul 23, 2021 | Blue Team, Pwn, Red team, Security, Windows
Reading Time: 4 minutesAll links of articles and tools at the bottom of the page There is nothing new i’ve discovered, this is just a few printscreens of what other people on Twitter were talking and I tested in my Lab to realise the gravity of this ! Since...
Recent Comments