StackCrypt: Create a new thread that will suspend every thread and encrypt its stack, then go to sleep, then decrypt the stacks and resume threads
https://github.com/TheD1rkMtr/StackCrypt/tree/main
#bypass #maldev #redteam
Create a new thread that will suspend every thread and encrypt its stack, then go to sleep, then decrypt the stacks and resume threads - SaadAhla/StackCrypt
For anyone interested in diving into host-based anomaly detection, here is a description of one of the most effective techniques. Call stacks really can be used to identify the payloads of most popular frameworks :)
https://www.elastic.co/security-labs/peeling-back-the-curtain-with-call-stacks
#redteam #blueteam #maldev
Peeling back the curtain with call stacks — Elastic Security Labs
In this article, we'll show you how we contextualize rules and events, and how you can leverage call stacks to better understand any alerts you encounter in your environment.