Live Workshop: Attack and Defense: Remote Thread Injection and Detection (Recorded)
We’re excited to share the recorded workshop on Remote Thread Injection and EDR-based detection that took place on January 14. In this session, Uriel and
KNOWLEDGE LIBRARY
Immerse yourself in cutting-edge cybersecurity knowledge from industry insiders. Access reliable research insights, a practice-driven learning hub, and updates on the latest cybersecurity trends.
Unlock the power of RunDLL32! Learn how to execute DLL functions, invoke control panel dialogs,
Explore BlackByte ransomware: ProxyShell exploits, anti-debugging, and reverse engineering insights. Dive deep into this malware’s
Shell extensions are a powerful feature of the Windows shell that allow developers to extend
Remote Procedure Calls (RPC) are a fundamental mechanism in distributed computing, allowing functions to execute
Note: This blog post is designed to complement the accompanying video embedded at the top
In this video, I’ll show you how to debug a DLL file with an IDA
Introduction: Writing a Windows Service Hi, and welcome to this video on writing a Windows
Welcome to this video about Windows Services. In this video, we’ll cover the basics of
Hi, and welcome to this video about an introduction to the Windows Performance Analyzer. We’re
We’re excited to share a special occasion with you – Uriel Kosayev, one of our
In the video, I draw from my 15 years of experience to explain that recognizing
In this malware analysis video, we explore how MuddyWater, an Iranian APT group, utilizes legitimate
When I speak about Hardware Hacking and its crucial role in the safety of our
Some Windows kernel object types can have string-based names, which is one way such objects
Keyboard hooking using Image File Execution Options and pretending to be a debugger.
Ever wondered how many handles you can create in a process? Each process has its
Authors Uriel Kosayev — @MalFuzzer, Hai Vaknin — @VakninHai, Tamir Yehuda — @Tamirye94, Matan Bahar — @Bl4ckShad3 Prologue As red teamers, we are
Many people ask me ‘what are the tools I need to bug in order to
Millions of machines around the world crashed a few days ago, showing the dreaded “Blue
By Uriel Kosayev (@MalFuzzer) Introduction Intel is a very well-known and large company that serves many
(CVE-2020-8842) Introduction MSI TrueColor utility comes as a pre-installed utility program on MSI gaming laptops
In Windows, every process is associated with a parent process, usually the one that created it.
As Mac malware becomes more widespread, and as detection mechanisms get more sophisticated, malware actors
There are many processes running on a typical Windows system – here are some of
A well-known feature of Windows is the Image File Execution Options registry key located in
Microsoft WslService Unquoted Service Path By Uriel Kosayev Introduction WslService is a deployed service on
Last month, we decided to enrich our knowledge by delving into research on a popular