▲ 3 r/purpleteamsec
Threat Analysis: Backdoored Electron Apps Evading Defenses
levelblue.comu/netbiosX — 16 hours ago
u/netbiosX
A stealth approach to Process Injection - EntryPoint Hijacking
ipurple.teamu/netbiosX — 19 hours ago
▲ 3 r/purpleteamsec
magnetar - A EDR bypassing shellcode loader framework for Windows 10 64bit, featuring ETW/AMSI patching, Tartarus Gate, process protection and more
github.comu/netbiosX — 2 days ago
▲ 3 r/purpleteamsec
Detecting Remote Thread Creation with Windows Driver
medium.comu/netbiosX — 2 days ago
▲ 1 r/purpleteamsec
Detection Engineering Best Practices: Performance, Readability & Maintenance
kqlquery.comu/netbiosX — 2 days ago
▲ 2 r/purpleteamsec
Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access
cloud.google.comu/netbiosX — 3 days ago
▲ 7 r/purpleteamsec
Unmanaged PowerShell Execution: Hunting Beyond powershell.exe
detect.fyiu/netbiosX — 4 days ago
▲ 4 r/purpleteamsec
Purple Team Exercise Framework v4 - AI/ML Threat Guidance, Cloud & Identity Coverage, Continuous Purple Teaming and More
github.comu/netbiosX — 4 days ago
▲ 3 r/purpleteamsec
PositiveIntent - Evasive loader for .NET Framework assemblies
github.comu/netbiosX — 7 days ago
▲ 4 r/purpleteamsec
The Accidental C2: Exploring Dev Tunnels for Remote Access
specterops.iou/netbiosX — 8 days ago
▲ 1 r/purpleteamsec
HyperVenom: Using Hyper-V for Ring -1 Control from Usermode
gsmll.github.iou/netbiosX — 8 days ago
▲ 1 r/purpleteamsec
UEBA & entity analytics: Why entity record quality matters
elastic.cou/netbiosX — 8 days ago
▲ 2 r/purpleteamsec
Living of the Land - DISM Sandbox Provider Hijack
research.nasbench.devu/netbiosX — 9 days ago
▲ 2 r/purpleteamsec
dMSA Ouroboros: Self-Sustaining Credential Extraction in Windows Server 2025
huntress.comu/netbiosX — 10 days ago
u/netbiosX — 10 days ago
▲ 2 r/purpleteamsec
u/netbiosX — 12 days ago
▲ 1 r/purpleteamsec
u/netbiosX — 13 days ago
▲ 2 r/purpleteamsec
u/netbiosX — 13 days ago