The Praetorian Labs team was tasked with identifying novel and previously undocumented persistence mechanisms for use in red team engagements. Our primary focus was on persistence techniques achievable through modifications in HKCU, allowing for stealthy, user-level persistence without requiring administrative privileges. Unfortunately, while we identified an interesting persistence technique, the method we discuss in this…
Category: Tools & Techniques
Global Security News, Security Bloggers Network, Tools & Techniques, Uncategorized
ETW Threat Intelligence and Hardware Breakpoints
Learn to bypass EDR detection using NtContinue for hardware breakpoints without triggering ETW Threat Intelligence. This technical blog explores kernel debugging, debug registers, and EDR evasion with code examples. The post ETW Threat Intelligence and Hardware Breakpoints appeared first on Praetorian. The post ETW Threat Intelligence and Hardware Breakpoints appeared first on Security Boulevard.
Global Security News, Security Bloggers Network, Tools & Techniques, vulnerabilities, Vulnerability Research
Tarbomb Denial of Service via Path Traversal
As software applications are built and developed over the years, engineering teams continuously shift perspective on what features to prioritize or de-prioritize. A feature developed five years ago may have no significance today. However, features deemed low priority may still be kept operational for legacy, compatibility, or business requirement reasons. Praetorian discovered such a legacy…