Adversary Tactics.


Short video series and write-ups on various adversary tactics, offensive tradecraft and exploits.

Bypassing Windows Defender and PPL Protection to dump LSASS without Detection

Bypassing Windows Defender and PPL Protection with PPLBlade to dump LSASS without Detection.

2 Sep 2023

#TA0005 #TA0006 #DefenderBypass



Exploiting WinRAR Zero-day [CVE-2023-38831]

Our favorite zipping tool WinRAR is affected by a vulnerability that could potentially lead to the execution of unauthorized code.

25 Aug 2023

#zeroday #exploit #CVE-2023-38831



Exploiting DirtyPipe [CVE-2022-0847] - Linux Privilege Escalation Vulnerability

A couple of days ago, a cybersecurity researcher named Max Kellermann published a new privilege escalation vulnerability named DirtyPipe, tracked as CVE-2022-0847.

15 March 2022

#privilege-escalation #exploit #T1068 #CVE-2022-0847



Dirty way to silence the Cylance

Bypassing Cylance ThreatProtect/Optics by exploiting elevated access to ignore DLL hooking, then dumping credentials without creating any alerts. This dirty trick was demonstrated at Nullcon back in 2020.

02 March 2020

#defense-evasion #EDRbypass #TA0005 #dirtyway



Understanding Adversary Tactics

Adversary tactics, also known as attack techniques or tradecraft, are the methods, strategies, and techniques employed by malicious actors to compromise systems, networks, or data.

#adversarytactics #adversarytradecraft #TTPs