Panos Gkatziroulis 🦄

Advanced EDR Evasion via AI Telemetry Spoofing & WASM Sandboxing. Project Onyx is a PoC Red Team pipeline designed to demonstrate advanced evasion techniques against modern EDR systems https://t.co/j26UbHlFkd

I am wondering how many organizations have an effective Control Validation program? Not considering run cases over BAS only, as BAS platforms are the tool, not the program.

Ledger - A Cobalt Strike aggressor script that tracks every operational change made during an engagement. ✅ Services ✅ Firewall Rules ✅ Accounts ✅ Registry keys https://t.co/ybXV8uNKLS

Phantom Killer: Reverse Engineering and Weaponizing a Lenovo Driver to Terminate EDR Processes https://t.co/GugfBxVoV1

Wrote a BOF that is able to execute .NET assemblies in-memory via module stomping so ETW / AMSI are seeing a legitimate GAC assembly instead - https://t.co/IimpD8aZ66

https://t.co/yXFruE186G

New invite link for the Discord community just for 1 day (in the reply). Take advantage of these invites now.

goLoL - a Windows host scanner that finds LOLBAS binaries present on the current machine and lists techniques you can run at your current privilege level with MITRE ATT&CK mappings and example commands https://t.co/0CIRynqovI

Blog showing how AI, JavaScript browser automation, and Microsoft Graph API calls can be used to automate Entra ID tenant destruction and lockout’s. Ransomware, but for Cloud? 🫣 https://t.co/TRbHIt19en

CrabLoader - A PoC Cobalt Strike UDRL written in Rust https://t.co/GumBrbvH3i