This is the infosec blog of Aussie PatH, opinions are my own. Code and Examples are on Github.

Posts

• Sep 4, 2021

  Hunting Sliver

• Aug 1, 2021

  Bad BPF - Warping reality using eBPF

• Jul 7, 2021

  Detecting Kernel Hooking using eBPF

• Jul 1, 2021

  ETW on Windows 11 - Initial thoughts

• May 12, 2021

  Gaining Threat-Intelligence the dodgy way

• Feb 22, 2021

  Mapping It Out: Analyzing the Security of eBPF Maps

• Feb 15, 2021

  Using eBPF to uncover in-memory loading

• Dec 16, 2020

  Experimenting with Protected Processes and Threat-Intelligence

• Nov 28, 2020

  Hunting Koadic Pt. 2 - JARM Fingerprinting

• Nov 19, 2020

  Tracking Windows Updates with Git and CI

• Oct 31, 2020

  Getting more out of the Windows Filtering ETW Events

• Jul 21, 2020

  Introducing Sealighter - Sysmon-Like research tool for ETW

• Jan 11, 2020

  Experimenting with Ghidra Scripting

• Jan 11, 2020

  Using Python Bandit to find dodgy packages

• Dec 3, 2019

  Hunting Koadic across Shodan

subscribe via RSS