casp3r0x0@home:~$

  • Anzu Etw Nextgeneration Of Soc Rules

    About: In this blog we are going to talk about my recent project called Anzu ETW. It is a tool that I developed to allow SOC/DFIR teams to create plugins that use ETW or any other telemetry to log or respond to cyber threats. What is ETW? Event...

  • Bypass Cortex Ransomware Protection

    About: In this blog we are going to bypass the ransomware protection of the Palo Alto Cortex EDR! How does the protection work? Cortex EDR creates dummy (decoy) files that are not visible to users, but when any software interacts with them, Cortex EDR will know...

  • Polymorphic Signature Change Hash Of The Malware For Every Execution

    About: In this blog we are going to talk about making the malware change its own hash by itself on every execution, utilizing a self-deletion method. Advantages for red teamers: imagine that your malware is detected in the environment...

  • Exploiting Mt Rand Php 2024

    This blog post delves into the inner workings of mt_rand(), exposing its weaknesses and demonstrating how these vulnerabilities can be exploited. We'll examine real-world scenarios and provide insights into more secure alternatives. What is mt_rand in PHP? This function generates a random value via the Mersenne Twister Random Number Generator...