I wonder what happens when you drop unpublished tradecraft on Mastodon? 😏 Let's try...
Haven't tested this in a few months but here's a quick method to bypass Crowd^DEL^DEL^DEL^DEL^DEL a well-known EDR using an old loader trick.
1) Compile your C# payload as a .NET DLL
2) Stage the DLL on a network file share
3) Create a simple loader that uses Assembly.LoadFile() and Invoke()
4) Pass the full file share path of the DLL to the loader and execute your method
Most people know about Assembly.Load() but there are a number of alternative System.Reflection Assembly loaders.
UnsafeLoadFrom()
Load()
LoadFile()
LoadFrom()
LoadModule()
ReflectionOnlyLoad()
ReflectionOnlyLoadFrom()
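Seen from the defending side, the four steps above leave one stable observable: a managed assembly whose load path is a network share, whichever of the listed loaders was called. The following is an added example, not part of the original post, that flags such loads in assembly-load telemetry. The record fields (`process`, `assembly_path`), the host names and the sample events are constructed assumptions, not the output of a specific product.

```python
import re

# Path forms that resolve to a network share rather than a local disk.
_REMOTE_FORMS = (
    re.compile(r'^\\\\\?\\UNC\\(?P<host>[^\\]+)\\(?P<share>[^\\]+)\\', re.I),  # \\?\UNC\host\share\
    re.compile(r'^\\\\(?![?.]\\)(?P<host>[^\\]+)\\(?P<share>[^\\]+)\\'),        # \\host\share\
    re.compile(r'^file://(?P<host>[^/]+)/(?P<share>[^/]+)/', re.I),            # file://host/share/
)

def remote_origin(path):
    """Return (host, share) when path points at a network share, else None.
    Mapped drive letters are not resolved here; that needs host context."""
    for form in _REMOTE_FORMS:
        m = form.match(path.strip())
        if m:
            return m.group("host").lower(), m.group("share").lower()
    return None

def flag_remote_assembly_loads(events, allowed_hosts=frozenset()):
    """Flag assembly loads from a share whose host is not on the allowlist."""
    allowed = {h.lower() for h in allowed_hosts}
    hits = []
    for ev in events:
        origin = remote_origin(ev.get("assembly_path", ""))
        if origin and origin[0] not in allowed:
            hits.append({"process": ev.get("process"), "host": origin[0],
                         "share": origin[1], "assembly_path": ev["assembly_path"]})
    return hits

# Constructed sample records (hypothetical field names, not real telemetry).
SAMPLE_EVENTS = [
    {"process": "loader.exe", "assembly_path": r"\\fs01.example.test\staging\plugin.dll"},
    {"process": "app.exe",    "assembly_path": r"C:\Program Files\App\lib.dll"},
    {"process": "app.exe",    "assembly_path": r"\\?\C:\Program Files\App\lib.dll"},
    {"process": "report.exe", "assembly_path": "file://FS02/dist/Report.Core.dll"},
    {"process": "tool.exe",   "assembly_path": r"\\?\UNC\build01\drop\tool.dll"},
]

if __name__ == "__main__":
    # build01 stands in for a file server the organisation expects loads from.
    for hit in flag_remote_assembly_loads(SAMPLE_EVENTS, allowed_hosts={"build01"}):
        print(f'{hit["process"]}: assembly loaded from \\\\{hit["host"]}\\{hit["share"]}')
```

The local long-path form (`\\?\C:\...`) is deliberately not treated as remote, so ordinary long local paths do not raise alerts.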