hadess

Windows Downdate: Downgrade Attacks Using Windows Updates and Beyond EBook

Leave a Comment / Case Study / By hadess

The Windows Downdate attack, as detailed in the sources, hinges on the manipulation of the Windows Update process to achieve a persistent, invisible, and undetectable downgrade of critical system components. The attacker exploits a vulnerability in the update process by crafting a malicious action list (Pending.xml) that instructs the system to replace specific files with …

Windows Downdate: Downgrade Attacks Using Windows Updates and Beyond EBook Read More »

Windows Downdate: Downgrade Attacks Using Windows Updates and Beyond

Leave a Comment / White Paper / By hadess

The “Windows Downdate” vulnerability, identified and demonstrated by researcher Anon Leviev, is a downgrade attack technique that leverages Windows Update mechanisms to reintroduce older, vulnerable versions of system files. By circumventing normal update verification checks, this attack allows malicious actors to downgrade essential system components like the Windows kernel, Hyper-V hypervisor, and other critical drivers, …

Windows Downdate: Downgrade Attacks Using Windows Updates and Beyond Read More »

Art of Post-Exploitation EBook

Leave a Comment / Case Study / By hadess

Art of Post-Exploitation

Leave a Comment / White Paper / By hadess

Post-exploitation in red teaming involves navigating and exploiting a compromised system to achieve deeper control and further access to sensitive data and networks. This phase follows initial access and lateral movement, focusing on persistence, privilege escalation, and data exfiltration. Key techniques include system enumeration to gather information such as running processes, installed software, and user …

Art of Post-Exploitation Read More »

ROP Gadget Unleashed EBook

Leave a Comment / Case Study / By hadess

“ROP Gadget Unleashed” delves into the intricacies of Return-Oriented Programming (ROP) and its significance in modern exploitation techniques. The article elucidates how attackers leverage existing code snippets, or “gadgets,” within a program’s memory to craft malicious payloads, thus circumventing traditional security mechanisms like Data Execution Prevention (DEP). By chaining these gadgets together, which typically end …

ROP Gadget Unleashed EBook Read More »

ROP Gadget Unleashed

Leave a Comment / White Paper / By hadess

ROP Gadget Unleashed Read More »

Pompompurin Hacker EBook

Leave a Comment / Case Study / By hadess

Pompompurin, the notorious owner of BreachForums, has become a well-known figure in the cybercrime world. BreachForums, an underground marketplace for leaked data and illegal hacking services, quickly gained popularity as a hub for cybercriminals to trade stolen information. Pompompurin, who operated under the cover of anonymity, managed to cultivate a significant following within the dark …

Pompompurin Hacker EBook Read More »

Pompompurin Hacker : An OSINT & Threat Intelligence Analysis

Leave a Comment / White Paper / By hadess

Introduction from raidforum to intelxbroker Threat intelligence and OSINT (Open Source Intelligence) are powerful tools in identifying individuals behind online aliases or nicknames, especially within hacker forums like BreachForums. OSINT relies on the analysis of publicly available data, such as social media profiles, posts, and online interactions, to uncover hidden identities. In the case of …

Pompompurin Hacker : An OSINT & Threat Intelligence Analysis Read More »

System Binary Proxy Execution EBook

Leave a Comment / Case Study / By hadess

System Binary Proxy Execution represents a significant and evolving threat within the cybersecurity landscape, exploiting the very trust that operating systems place in their essential binaries. Attackers’ use of legitimate system processes to execute malicious code challenges traditional security frameworks, which often rely on the assumption that these binaries are inherently safe. This method’s ability …

System Binary Proxy Execution EBook Read More »

System Binary Proxy Execution

Leave a Comment / White Paper / By hadess

Overview System Binary Proxy Execution leverages legitimate Windows binaries (e.g., rundll32.exe, mshta.exe) to execute malicious code. These binaries are trusted by the OS, allowing attackers to bypass security controls like antivirus and application whitelisting by using these tools to proxy malicious actions. Historical Context This technique gained prominence as security defenses improved. Traditional malware detection …

System Binary Proxy Execution Read More »

The Hacker’s Guide to LLMs EBook

Leave a Comment / Case Study / By hadess

The use of Large Language Models (LLMs) in bug bounty hunting has emerged as a transformative approach, significantly enhancing vulnerability detection and threat analysis through automation and real-time intelligence. LLMs like GPT-4 provide powerful tools for identifying security flaws, generating test cases, and supporting continuous monitoring. However, these models are not without risks; they are …

The Hacker’s Guide to LLMs EBook Read More »

Practical LLM Attack Scenarios

Leave a Comment / White Paper / By hadess

1. Introduction to Artificial Intelligence (AI) 1.1 What is AI? Artificial Intelligence (AI) involves the simulation of human intelligence processes by machines, particularly computer systems. These processes include learning (acquiring information and rules for using the information), reasoning (using rules to reach approximate or definite conclusions), and self-correction. AI can handle tasks that typically require …

Practical LLM Attack Scenarios Read More »

Windows Downdate: Downgrade Attacks Using Windows Updates and Beyond EBook

Windows Downdate: Downgrade Attacks Using Windows Updates and Beyond

Art of Post-Exploitation EBook

Art of Post-Exploitation

ROP Gadget Unleashed EBook

ROP Gadget Unleashed

Pompompurin Hacker EBook

Pompompurin Hacker : An OSINT & Threat Intelligence Analysis

System Binary Proxy Execution EBook

System Binary Proxy Execution

The Hacker’s Guide to LLMs EBook

Practical LLM Attack Scenarios

Services and Products

"Hadess" is a cybersecurity company focused on safeguarding digital assets and creating a secure digital ecosystem. Our mission involves punishing hackers and fortifying clients' defenses through innovation and expert cybersecurity services.

Contact Us

Contact Us

About Us

Blog

DevSecOps Guide

Red Team Guide

Copyright@2024_All Rights Reserved

Free Consultation

For a Free Consultation And Analysis Of Your Business, Please Fill Out The Opposite Form, Our Team Will Contact You As Soon As Possible.