Came up with a new EDR bypass technique that makes it possible to block the EDR from loading its DLL into our process, preventing any user mode hooks from being deployed. Tested with a few major EDRs, but should theoretically work against most with some tweaks. malwaretech.com/2024/02/bypa...

Bypassing EDRs With EDR-Preloading – MalwareTech

Evading user mode EDR hooks by hijacking the AppVerifier layer

Silly EDR Bypasses and Where To Find Them Abusing exception handlers to hook and bypass user mode EDR hooks malwaretech.com/2023/12/sill...

Silly EDR Bypasses and Where To Find Them – MalwareTech

Abusing exception handlers to hook and bypass user mode EDR hooks.

An Introduction to Bypassing User Mode EDR Hooks malwaretech.com/2023/12/an-i...

An Introduction to Bypassing User Mode EDR Hooks – MalwareTech

Understanding the basics of user mode EDR hooking, common bypass techniques, and their limitations.

Twitter quietly dropped the government identity check requirement for verification, as well as the requirements that the account be 30 days old, have an avatar, and are not impersonating anyone. I was able to get verification on a 2 day old account named Barack Obama with no avatar or posts.

Nah don't really have a preference all the communities are split across everywhere. For infosec stuff Mastodon and LinkedIn are the strongest

Good to know that annoying reply-guys aren't just a mastodon exclusive.

Elon made all the old evil tech companies seem like saints in comparison

Most of the research stopped around July when Twitter killed off the last of the API access, it'll be just vibes going forward

Mastodon is just a tad too chronically online. It needs some more grass touchers there to keep everyone else grounded.

Mastodon and LinkedIn mostly, but some growth on Threads.