Welcome

A GitHub Pages personal blog built with Astro Paper.

Featured

• EDR XDR Bypass and Detection Evasion Techniques: An Investigation of Advanced Evasion Strategies from a Red Team Perspective

  30 Mar 2026

  An in-depth analysis of EDR/XDR evasion techniques from a red team perspective, covering API unhooking, BOF-based in-memory execution, indirect system calls, ETW bypass, kernel callback evasion, and multi-technique coordination strategies.

Recent Posts

• TAMECAT: APT42's New PowerShell Backdoor Targeting Military and Government Officials

  27 Apr 2026

  Technical analysis of the Iranian APT42 group's TAMECAT PowerShell backdoor, featuring fileless execution, Telegram-based C2 channels, multi-layer AES encryption evasion, and VBScript phishing delivery mechanisms targeting high-value military and government personnel.

• 20 Penetration Testing Projects Worth Adding to Your Resume

  23 Apr 2026

  A curated list of 20 practical penetration testing projects that demonstrate real-world skills—from network scanning and web app exploitation to red team simulations and CTF write-ups—to help you stand out in cybersecurity job applications.

• Kimsuky Deploys Malicious LNK Files to Implant Python-Based Backdoor in Multi-Stage Attack

  12 Apr 2026

  Detailed technical analysis of Kimsuky's latest campaign using disguised LNK files that deploy a sophisticated multi-stage attack chain (LNK → XML → VBS → PS1 → BAT) leading to a Python backdoor (beauty.py). Covers persistence via scheduled tasks, data exfiltration through Dropbox, custom C2 protocol, and command set.

• The Art of Self-Mutating Malware

  10 Apr 2026

  An in-depth exploration of self-mutating malware techniques, from polymorphic engines to metamorphic code, and how these evolutionary strategies enable malicious payloads to evade signature-based detection and traditional antivirus defenses.

• [Confidential] U.S. Department of Defense CMMC Cybersecurity Briefing Document Leaked on the Dark Web

  07 Apr 2026

  A threat actor has claimed to be selling a U.S. Department of Defense (DoD) **CMMC** cybersecurity briefing document. The document focuses on the core elements of the **CMMC 2.0** framework, including its implementation processes, compliance requirements, and supporting systems. It serves as a standardized cybersecurity compliance guidance document targeted at Defense Industrial Base (DIB) contractors.