Blog

Revisiting MiniFilter Abuse Techniques to Blind EDR

18 September 2024

Revisiting minifilter abuse techniques to blind EDR.

Effective EDR Telemetry Blocking via Person-in-the-Middle Network Filtering Attacks

23 July 2024

Blocking EDR telemetry via PitM network filtering attacks.

Microsoft Entra Connect: Connect Sync vs Cloud Sync through a hacker's view

21 May 2024

The distinction between traditional Connect Sync and the new Cloud Sync lies in the shifting TTPs from a hacker's perspective.

LSASS rings KsecDD ext. 0

29 April 2024

Overview of the recent KexecDD exploit.

Adventures in Stegoland

03 April 2024

Adventures with a stego shellcode loader.

Abusing MiniFilter Altitude to blind EDR

27 March 2024

A way of blinding EDR using minifilter altitude.
