blueteamsec !blueteamsec@infosec.pub

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, r

---

Read more

Members

448

Posts

396

Active Today

14

Created

2 yr. ago

Moderators

---

SSDT Hooking via Alt Syscalls for ETW Evasion

Chinese hackers have seized control. How did we let this happen?

Certiception-ADCS-trap: An ADCS honeypot to catch attackers in your internal network.

The AltSyscalls module is designed merely as the intercept mechanism for using Alternate Syscalls on Windows 11

A curated collection of Living off the Land (LotL) attack demonstrations where trusted binaries go rogue, because if it didn’t launch calc.exe, did it even happen

Following NoName057(16) DDoSia Project’s Targets

Process Mockingjay: Echoing RWX In Userland To Achieve Code Execution

The Enemy Within: Threat Actors Target Subdomains of Trusted Global Brands in Mass Open Redirect Abuse.

DNS Analyzer - Finding DNS vulnerabilities with Burp Suite

A technical analysis of the SALTWATER backdoor used in Barracuda 0-day vulnerability (CVE-2023-2868) exploitation

Research: Zero-Day Shop

Confused about the drama with the new BreachForums? Reading this will either help you or make your head spin

Bluepurple Pulse: week ending June 25th

Beyond the Horizon: Traveling the World on Camaro Dragon’s USB Flash Drives

Graphican: Flea Uses New Backdoor in Attacks Targeting Foreign Ministries

Dissecting TriangleDB, a Triangulation spyware implant

Unpacking RDStealer: An Exfiltration Malware Targeting RDP Workloads

BlueDelta Exploits Ukrainian Government Roundcube Mail Servers to Support Espionage Activities

Tracing Ransomware Threat Actors Through Stylometric Analysis and Chat Log Examination

CID Lookout: Unsolicited Smartwatches Received by Mail