Windows Downdate: Downgrade Attacks Using Windows Updates and Beyond EBook
The Windows Downdate attack, as detailed in the sources, hinges on the manipulation of the Windows Update process to achieve a persistent, invisible, and undetectable downgrade of critical system components. The attacker exploits a vulnerability in the update process by crafting a malicious action list (Pending.xml) that instructs the system to replace specific files with older, vulnerable versions. This manipulation is possible because the attacker can gain control over the Pending.xml file’s registry entry, bypassing Trusted Installer enforcement. By patching the action list parser (PoqExec.exe) and the system integrity checker (SFC.exe), the attacker ensures the persistence of the downgrade and
Windows Downdate: Downgrade Attacks Using Windows Updates and Beyond EBook
The Windows Downdate attack, as detailed in the sources, hinges on the manipulation of the Windows Update process to achieve a persistent, invisible, and undetectable
ROP Gadget Unleashed EBook
“ROP Gadget Unleashed” delves into the intricacies of Return-Oriented Programming (ROP) and its significance in modern exploitation techniques. The article elucidates how attackers leverage existing
Pompompurin Hacker EBook
Pompompurin, the notorious owner of BreachForums, has become a well-known figure in the cybercrime world. BreachForums, an underground marketplace for leaked data and illegal hacking
Windows Downdate: Downgrade Attacks Using Windows Updates and Beyond EBook
The Windows Downdate attack, as detailed in the sources, hinges on the manipulation of the Windows Update process to achieve a persistent, invisible, and undetectable
ROP Gadget Unleashed EBook
“ROP Gadget Unleashed” delves into the intricacies of Return-Oriented Programming (ROP) and its significance in modern exploitation techniques. The article elucidates how attackers leverage existing
Pompompurin Hacker EBook
Pompompurin, the notorious owner of BreachForums, has become a well-known figure in the cybercrime world. BreachForums, an underground marketplace for leaked data and illegal hacking
SAST
Expose secrets, misconfigurations, code mistake, and data breaches before they happen
E-Learning
interactive digital courseware designed to help development teams learn and implement best practices for secure coding
RASP
It's designed to detect and block attacks on applications in real time
Pwn ZO
Endpoint protection delivered as-a-service and backed with breach prevention warranty up to $1M
Hadess Red Team Operation
Flexible and Extensible
Each module below is available on the red team operation platform and its implemented via a single endpoint
Initial Access
PENETRATION TESTING
Endpoint Detection & Response
PRIVILEGE ESCALATION
Extended Detection & Response
SOCIAL ENGINEERING
Integrated Identify Security
Lateral Movement
DISCOVERY
Vulnerability Assessment
story2
story1
…