And we may have few tickets for the conf to share too ;)
The code related to this blogpost:
- PoCs exploiting vulnerable drivers: https://github.com/xalicex/Killers
- Script to retrieve potential process killer drivers available on LOLDrivers: https://github.com/xalicex/LOLDrivers_finder
Finally done!
My latest article introduces the basics of Windows kernel drivers/internals and how to find and exploit process killer drivers using LOLDrivers 🤓
I hope you'll enjoy it! Thanks M. and @r00tbsd for the proofread!
https://alice.climent-pommeret.red/posts/process-killer-driver/
This article describes a quick way to find easily exploitable process killer drivers. There are many ways to identify and exploit process killer drivers. This article is not exhaustive and presents only one (easy) method. Lately, the use of the BYOVD technique to kill AV and EDR agents seems to be trending. The ZeroMemoryEx Blackout project and the Terminator tool sold (for 3000$) by spyboy are some recent examples. Using vulnerable drivers to kill AV and EDR is not brand new; it’s been used by APTs, Red Teamers, and ransomware gangs for quite some time.
My new book "Arm Assembly Internals & Reverse Engineering" is up for pre-order!
Save the date for the official launch: May 9th.
Can't wait for you to dive into the world of Arm Assembly!
Check out the official book page for more info:
https://arm-assembly.com
The CSIRT of the Caisse Nationale De l'Assurance Maladie is opening a new position!
If you want to put your technical expertise to work for a purpose that is ethical, social, in the public interest, and meaningful, don't hesitate to apply!
(available by DM for any questions 😃)
https://cnam-coll.talent-soft.com/offre-de-emploi/emploi-expert-e-securite-du-si-csirt-_4169.aspx
I've been a professional musician since the end days of selling CDs, and I would like to say that having experienced the decline of CD sales because of piracy transition into the paid streaming era it's unambiguous that musicians were better off when mostly everyone was pirating and then some people bought CDs or other merch out of a desire to support vs today when everyone pays a nominal fee to a corporation that pays us nothing and also satisfies their desire to support despite not actually offering support.
I would much rather you pirate anything I have made or worked on vs listening on streaming services, which are an objective nightmare for musicians. Even if you never intend to spend a penny, normalizing piracy is better for us than normalizing the current capitalist-realism nightmare where you get whatever you want and also get to relax into the fiction that you aren't exploiting musicians because you pay the price of one album per month to a giant corporation so you can feel ok about it.
RT @m_haggis
With lots of help from @_josehelps and @mattnotmax, I present a sneak peek of the LOLDrivers Project -
Ability to search, access resources, hashes, CSV and json downloads as well.
Coming soon. We're that much closer to a one stop driver shop.
RT @theluemmel
Did some minor update to the MIFARE PWN blog.
Now with some tips and tricks in regards to identifying tags and handling MIFARE Plus cards > 1k.
http://luemmelsec.github.io/gaylord-M-FOCker-ready-to-pwn-your-MIFARE-tags/
Hello everyone and a happy new year (well, apparently you can see how long it took me to finish this masterpiece :) ). This time we will low dive a little into the world of RFID and NFC. Did you ever want to scare the shit out of your customer in regards to the security of his door locking system? Do you think it is cool to open gates with a Flipper Zero? You like yourself some close combat Red Teaming? Get your Flipper Zero and Proxmarks ready and follow along, as we cover some basics and carry out a variety of attacks. As this is absolute uncharted territory for me, this will (like almost always) be very beginner friendly.