Blog

Using SYN port scans with source IP spoofing for offensive deception

08 January 2025

Deliberately triggering service enumeration alerts for offensive deception.

Windows - Data Protection API Revisited

26 November 2024

Chromium changes related to the DPAPI.

Revisiting MiniFilter Abuse Techniques to Blind EDR

18 September 2024

Revisiting minifilter abuse techniques to blind EDR.

Effective EDR Telemetry Blocking via Person-in-the-Middle Network Filtering Attacks

23 July 2024

Blocking EDR telemetry via PitM network filtering attacks.

Microsoft Entra Connect: Connect Sync vs Cloud Sync through a hacker's view

21 May 2024

The distinction between traditional Connect Sync and the new Cloud Sync lies in the shifting TTPs from a hacker's perspective.

LSASS rings KsecDD ext. 0

29 April 2024

Overview of the recent KexecDD exploit.
