🙄
p1k4chu@p1k4chu-host
  • About Me
  • Tools
    • Defensive Tools
      • H0neyTr4p
    • Offensive Tools
      • Ransomware Simulator - PyRan
  • Security Research
    • AI Security Research
      • Attacking using (and defending against) Input manipulation attacks against AI
      • (Ab)using AI to attack M365 and other services to conduct plethora of attacks
    • Cloud Security Research
      • Azure Storage Account Security - Attack & Defend: Part 1
      • Attack and Defend Azure Serial Console - Part 1
      • Azure Serial Console Attack and Defense - Part 2
    • Adversarial Tradecraft Research & Detection
      • RDP Exfil - The technique that works almost every time
      • Smishing Traid targets India with large scale "India Post" themed iMessage phish texts
      • Quick Assist: Friend or Foe? How adversaries can exploit this tool and how can you defend?
      • EDR Silencer - Embracing the Silence
      • Dissecting & Detecting Lsass Shtinkering
      • Detecting malicious OOB: Part -1: Hunting for OOB server - Interact.sh
      • Abusing Windows VPN for EXFIL
      • Analyzing Nobelium's HTML Dropper - EnvyScout
    • Web & Mobile App Sec
      • [CVE-2015-2300] ENL-Newsletter CSRF Full Disclosure
      • Yandex Mobile App vulnerable to Insecure Data storage
      • Bug on paypal worth 1000$
      • Session fixation bug on coinbase.
      • CyanogenMod (In)Secure Folder Lock !
  • Security Talk
    • Review of CRTP - Pentester Academy
    • Review of Hacking and Securing Kubernetes
Powered by GitBook
On this page

Was this helpful?

  1. Security Research

Adversarial Tradecraft Research & Detection

This section contains few research articles related to novel and/or seen in the wild adversarial tactics and techniques along with some techniques to detect the activity.

PreviousAzure Serial Console Attack and Defense - Part 2NextRDP Exfil - The technique that works almost every time

Last updated 8 months ago

Was this helpful?

RDP Exfil - The technique that works almost every time
Smishing Traid targets India with large scale "India Post" themed iMessage phish texts
Quick Assist: Friend or Foe? How adversaries can exploit this tool and how can you defend?
EDR Silencer - Embracing the Silence
Dissecting & Detecting Lsass Shtinkering
Detecting malicious OOB: Part -1: Hunting for OOB server - Interact.sh
Abusing Windows VPN for EXFIL
Analyzing Nobelium's HTML Dropper - EnvyScout
Page cover image