Blog

Effective EDR Telemetry Blocking via Person-in-the-Middle Network Filtering Attacks

23 July 2024

Blocking EDR telemetry via PitM network filtering attacks

Microsoft Entra Connect: Connect Sync vs Cloud Sync through a hacker's view

21 May 2024

The distinction between traditional Connect Sync and the new Cloud Sync lies in the shifting TTPs from a hacker's perspective.

LSASS rings KsecDD ext. 0

29 April 2024

Overview of the recent KexecDD exploit.

Adventures in Stegoland

03 April 2024

Adventures with a stego shellcode loader.

Abusing MiniFilter Altitude to blind EDR

27 March 2024

A way of blinding EDR using minifilter altitude.

Automate evasion and compilation of tools

03 March 2024

An intro to automated evasion and compilation of .NET offensive tools.
