moth // IntroductionΒ One fateful night in June of 2022, Ethan sent a message to the crew: βAnyone know ways to foolΒ AuditdΒ on Linux?Β IβmΒ trying to figure out how to change theΒ auidΒ (audit [β¦]
The post Auditd Field Spoofing: Now You Auditd Me, Now You Auditdonβt appeared first on Black Hills Information Security, Inc..
Kyle Avery // Introduction This post compliments a presentation I gave at DEF CON 30 β βAvoiding Memory Scanners: Customizing Malware to Evade YARA, PE-sieve, and More,β which included the [β¦]
The post Avoiding Memory Scanners appeared first on Black Hills Information Security, Inc..
Sally Vandeven // Evading anti-virus scanners has become a bit of a sport around BHIS. Β When we do C2 testing for our customers we start with a host on the [β¦]
The post Click to Enable Content appeared first on Black Hills Information Security, Inc..
Joff Thyer // Β When performing a penetration of test of organizations with Windows desktops, many testers will now resort to using tools like Veilβs Powershell Empire in order to [β¦]
The post Modifying Metasploit x64 template for AV evasion appeared first on Black Hills Information Security, Inc..
Login