We’re happy to announce that our EDR Internals & Development training is now in its final stages of development.
Over the past several months, an enormous amount of work has gone into building this highly technical & detailed training. The course covers the internals of modern EDR from both user-mode and kernel-mode perspectives, including techniques like syscall hooking, filesystem minifilters, ETW telemetry, memory scanning, kernel callbacks, process instrumentation callbacks, call stack tracing, and anti-tampering mechanisms.
The course concludes with building a limited yet functional custom EDR agent and we test it against several malware techniques to gain practical experience with detection engineering and EDR internals.
This huge undertaking would not have been possible without @GigelV41464 who dedicated countless hours to analyzing different EDR products, building custom implementations, analyzing internal mechanisms, and documenting the techniques with excellent depth and clarity.
The official launch date is scheduled for June 15, 2026, but starting today, we're opening access to an early bird discount of 20% for a limited time.
EDR Internals & Development: https://t.co/oN6qcMjLr2
We updated our Sliver C2 + BallisKit tutorial to adapt to the latest Sliver version.
Learn how to use ShellcodePack/MacroPack to harden Sliver implants and turn them into initial access payloads!
More C2 tutorials available on the blog (Adaptix, Mythic)
https://t.co/9B2trqBSyk
MAE focuses on practical, real-world offensive tradecraft including malwareless operations, tunnelling, AD CS abuse, cloud pivoting, and detection-aware operations.
Save 10% off MAE -
Discount code: LTR101-10Y
Valid until the end of August 2026.
Another Windows zero day released by Nightmare Eclipse (sort of)
It turns out Microsoft just straight up didn't patch an old CVE from 2020 correctly.
https://t.co/sNWBtTo4at
✍️ Yesterday, I wrote about EntryPoint Hijacking (a stealth process injection technique), including a proof of concept and a tool to detect this behaviour.
⬆️ If you want to elevate your detection approach and validate your defences, read the article.
The diagram below visualises the technique:
https://t.co/21D1KT2ozL
VulHunt by @binarly_io
https://t.co/ovsuyb5E26
Blog post series:
https://t.co/UzipgZw8la
https://t.co/F6E4OyqRAy
https://t.co/YG4tPvcDDt
https://t.co/24WivmtGZs
https://t.co/aGYL9HFo4B
#infosec
Silencing the EDR Silencers
Analysis of techniques to disable or silence EDR agents and some countermeasures, a post by Jonathan Johnson (@JonnyJohnson_)
Source: https://t.co/9zEduFiN4S
#redteam #blueteam #maldev #malwaredevelopment
Built a custom version of Crystal Palace's linkserve. It adds an option to bind to 0.0.0.0 and takes an auth key in the HTTP request. Works great with Docker.
redStack is a Boot-to-Breach red team lab on AWS. Mythic, Sliver, and Havoc C2 behind a production-style Apache redirector. Deployed via Terraform, to be used for training/self-hosted environments.
https://t.co/sEnzOIbaSi
BypassAV list
Map listing essential techniques to bypass anti-virus and EDR, in HTML and markdown format.
A post by matro7ch habibi.
Source: https://t.co/xnLu74dzQa
#redteam #blueteam #maldev #malwaredevelopment
Persistence Techniques That Persist
An overview of evolving persistence methods in malware and red team operations.
A post by Ari Novick.
Source: https://t.co/4ZjFy6u4Wi
#redteam #blueteam #maldev #malwaredevelopment
Mythic C2 on EarlyBird.
Leveraging Asynchronous Procedure Calls to execute memory-only shellcode within a legitimate process to avoid detection.
A post by Ivan Spiridonov (@xbz0n)
Source: https://t.co/Ru0iTMSMyV
#redteam #blueteam #maldev #malwaredevelopment