Video yükleniyor...

Video Yüklenemedi

Ana Sayfaya Dön

🚨 I'm looking for a Job🚨 A user-mode code and its rootkit that will Kill EDR Processes permanently by leveraging the power of Process Creation Blocking Kernel Callback Routine registering and ZwTerminateProcess. Project : =========== Looking for roles in User/Kernel mode Malware Dev, Evasion, Reverse Eng, Kernel Exploit Weaponization,...

d1rkmtr's profile picture

Saad AHLA

8,397 subscribers

17,113 görüntüleme • 1 yıl önce •via X (Twitter)

LIVE

Anya Rossi• Live Now

Private livecam show

7 Yorum

Fawaz - بوجابر profil fotoğrafı
Fawaz - بوجابر1 yıl önce

I was just mentioning your work to a couple of Moroccan friends a few hours ago Great work

Saad AHLA profil fotoğrafı
Saad AHLA1 yıl önce

Thanks, I appreciate it, Fawaz 😁

jian liu profil fotoğrafı
jian liu1 yıl önce

Please PM me, I have a lot of work to do.

jian liu profil fotoğrafı
jian liu1 yıl önce

Hi bro

nemo profil fotoğrafı
nemo1 yıl önce

kool and you will find your job boss

Moppel Mat profil fotoğrafı
Moppel Mat1 yıl önce

No CrowdStrike kill?

Janus Pannonius profil fotoğrafı
Janus Pannonius1 yıl önce

How you signed the driver?

Benzer Videolar

Kernel Mode vs User Mode explained by a retired Windows developer!
16:23

Kernel Mode vs User Mode explained by a retired Windows developer!

Dave W Plummer

126,524 görüntüleme • 1 yıl önce

🚨 THREAT INTELLIGENCE ALERT 🚨 The tool 🇨🇳 KernelGhost820 is being actively sold on the underground market for US$ 2,500, complete with full source code. This is a professional-grade suite with an intuitive graphical interface and six advanced modules, specifically designed for EDR evasion and sophisticated ransomware operations with efficient lateral movement: • EDR Removal Engine: Automatically detects and terminates more than 40 security products (including CrowdStrike, SentinelOne, Microsoft Defender, Kaspersky, and others). Supports Kernel, UserMode, and NTDLL termination modes, kernel driver loading for protected processes, disabling Windows Defender, and blocking telemetry connections. • Ransomware Module: Dual encryption using AES256CBC + RSA2048, supporting over 70 file types (documents, images, databases, backups, etc.). Automatically deletes Volume Shadow Copies to prevent recovery, generates custom ransom notes with Bitcoin addresses and contact emails, and changes the desktop wallpaper. • Remote Operations & Mass Deployment: Connects to remote devices on the local network via WMI (requires username and password). Scans installed software on target hosts, performs process termination, and enables one-click full tool deployment. Includes full-network scanning for open SMB port 445 with real-time progress tracking. • Detailed Process Manager and full Operation Logger (exportable to TXT). This tool significantly lowers the technical barrier for advanced ransomware actors targeting corporate environments. Immediate monitoring recommendations: • Evaluate the resilience of your EDR/XDR controls against kernel-mode bypass techniques • Intensify monitoring of anomalous SMB (port 445) traffic and WMI connections • Strengthen network segmentation and the principle of least privilege Our team is actively tracking this tool and any emerging variants. #ThreatIntelligence #Ransomware #EDRBypass #CyberSecurity #InfoSec #CyberThreat
3:20

🚨 THREAT INTELLIGENCE ALERT 🚨 The tool 🇨🇳 KernelGhost820 is being actively sold on the underground market for US$ 2,500, complete with full source code. This is a professional-grade suite with an intuitive graphical interface and six advanced modules, specifically designed for EDR evasion and sophisticated ransomware operations with efficient lateral movement: • EDR Removal Engine: Automatically detects and terminates more than 40 security products (including CrowdStrike, SentinelOne, Microsoft Defender, Kaspersky, and others). Supports Kernel, UserMode, and NTDLL termination modes, kernel driver loading for protected processes, disabling Windows Defender, and blocking telemetry connections. • Ransomware Module: Dual encryption using AES256CBC + RSA2048, supporting over 70 file types (documents, images, databases, backups, etc.). Automatically deletes Volume Shadow Copies to prevent recovery, generates custom ransom notes with Bitcoin addresses and contact emails, and changes the desktop wallpaper. • Remote Operations & Mass Deployment: Connects to remote devices on the local network via WMI (requires username and password). Scans installed software on target hosts, performs process termination, and enables one-click full tool deployment. Includes full-network scanning for open SMB port 445 with real-time progress tracking. • Detailed Process Manager and full Operation Logger (exportable to TXT). This tool significantly lowers the technical barrier for advanced ransomware actors targeting corporate environments. Immediate monitoring recommendations: • Evaluate the resilience of your EDR/XDR controls against kernel-mode bypass techniques • Intensify monitoring of anomalous SMB (port 445) traffic and WMI connections • Strengthen network segmentation and the principle of least privilege Our team is actively tracking this tool and any emerging variants. #ThreatIntelligence #Ransomware #EDRBypass #CyberSecurity #InfoSec #CyberThreat

Clandestine

40,619 görüntüleme • 1 ay önce

It's the bug of the month for June 2026! CVE-2026-45657 - A CVSS 9.8 vulnerability in Kernel that allows remote, unauthenticated code execution at SYSTEM without user interaction. Yikes!
0:38

It's the bug of the month for June 2026! CVE-2026-45657 - A CVSS 9.8 vulnerability in Kernel that allows remote, unauthenticated code execution at SYSTEM without user interaction. Yikes!

TrendAI Zero Day Initiative

31,835 görüntüleme • 9 gün önce

🚨 New advisory was just published! 🚨 An out-of-bounds write vulnerability in the Linux kernel achieves local privilege escalation on Ubuntu 22.04 for active user sessions:
2:06

🚨 New advisory was just published! 🚨 An out-of-bounds write vulnerability in the Linux kernel achieves local privilege escalation on Ubuntu 22.04 for active user sessions:

SSD Secure Disclosure

174,881 görüntüleme • 1 yıl önce

🎥 QEMU Dev Starter guide, Part 1 The QEMU codebase can be quite daunting for new developers, Anton with this talk aims to give an overview of both the major APIs one might encounter as well as the high control flow of user-mode emulation.
37:41

🎥 QEMU Dev Starter guide, Part 1 The QEMU codebase can be quite daunting for new developers, Anton with this talk aims to give an overview of both the major APIs one might encounter as well as the high control flow of user-mode emulation.

rev.ng

21,797 görüntüleme • 3 ay önce

At Black Hat tomorrow!! "Close Encounters of the Advanced Persistent Kind: Leveraging Rootkits for Post-Exploitation" by b33f | 🇺🇦✊ and I. Come if you want to learn cool kernel techniques and evade those pesky mitigations. Sneak peak demo: leveraging 0-day to load our rootkit 😎
0:44

At Black Hat tomorrow!! "Close Encounters of the Advanced Persistent Kind: Leveraging Rootkits for Post-Exploitation" by b33f | 🇺🇦✊ and I. Come if you want to learn cool kernel techniques and evade those pesky mitigations. Sneak peak demo: leveraging 0-day to load our rootkit 😎

chompie

101,403 görüntüleme • 2 yıl önce

WIRED DEV UPDATE There's a lot of developments going on for the Wired Project. I'll highlight some in this thread! Firstly (and finally), WIRED Trigger: User Clicks User
0:37

WIRED DEV UPDATE There's a lot of developments going on for the Wired Project. I'll highlight some in this thread! Firstly (and finally), WIRED Trigger: User Clicks User

Jonas

31,931 görüntüleme • 1 yıl önce

Join the Tooling, Process and Training Team to help develop the equipment that will help build a world of amazing abundance – Design advanced tooling – Streamline service processes – Deliver new training approaches to maximize fleet health Roles based in Hayward, California
0:52

Join the Tooling, Process and Training Team to help develop the equipment that will help build a world of amazing abundance – Design advanced tooling – Streamline service processes – Deliver new training approaches to maximize fleet health Roles based in Hayward, California

Tesla Recruiting

59,509 görüntüleme • 3 ay önce

#Config2023 Launch 1: Dev Mode A new space in Figma for developers with features that help translate design into code, faster. Read more: Here are all the ways you can use Dev Mode 👇
0:43

#Config2023 Launch 1: Dev Mode A new space in Figma for developers with features that help translate design into code, faster. Read more: Here are all the ways you can use Dev Mode 👇

Figma

617,318 görüntüleme • 3 yıl önce

Example of the speed of the new PSFree WebKit exploit chained with 9.00 kernel exploit.
0:36

Example of the speed of the new PSFree WebKit exploit chained with 9.00 kernel exploit.

MODDED WARFARE

38,650 görüntüleme • 2 yıl önce

PS4 8.00 No USB Jailbreak Lapse Kernel Exploit!
0:29

PS4 8.00 No USB Jailbreak Lapse Kernel Exploit!

Andrew2007

13,981 görüntüleme • 1 yıl önce

A cheat code that can be unlocked in CS2 Premier mode has just been detected. It is not recommended to play Premier mode for a while. Each user can open a cheat with 1 code.
0:23

A cheat code that can be unlocked in CS2 Premier mode has just been detected. It is not recommended to play Premier mode for a while. Each user can open a cheat with 1 code.

CS2 NEWS

905,778 görüntüleme • 2 yıl önce

Geometry of Machine Learning Models - Gaussian Process Kernel In 1948 Norbert Wiener framed prediction as a correlation problem, and in the 1970s George Wahba clarified that picking a smoothness preference is the same as picking a kernel. The motivation is that whenever data i s sparse and noisy, you don't just want a fit, you want a fit with calibrated uncertainty.
0:30

Geometry of Machine Learning Models - Gaussian Process Kernel In 1948 Norbert Wiener framed prediction as a correlation problem, and in the 1970s George Wahba clarified that picking a smoothness preference is the same as picking a kernel. The motivation is that whenever data i s sparse and noisy, you don't just want a fit, you want a fit with calibrated uncertainty.

Mathelirium

15,625 görüntüleme • 3 ay önce

Did you know that you can use GitHub Copilot in notebooks? Accept and run generated code with just a click. You can even attach variables from the Jupyter kernel in your requests ✨
0:36

Did you know that you can use GitHub Copilot in notebooks? Accept and run generated code with just a click. You can even attach variables from the Jupyter kernel in your requests ✨

Visual Studio Code

44,371 görüntüleme • 1 yıl önce

An anonymous user preserved a whopping 23 Konami i-mode games, including the the keitai-exclusive Gradius NEO and its sequel Gradius NEO Imperial. The full list of games is in the replies. The DoJa 5.1 SDK does not run these games very well, in addition to poor sound emulation.
1:13

An anonymous user preserved a whopping 23 Konami i-mode games, including the the keitai-exclusive Gradius NEO and its sequel Gradius NEO Imperial. The full list of games is in the replies. The DoJa 5.1 SDK does not run these games very well, in addition to poor sound emulation.

RockmanCosmo

21,285 görüntüleme • 1 yıl önce

Writing a CUDA kernel requires a shift in mental model. Instead of one fast processor, you manage thousands of tiny threads. Here is the code and the logic explained for Matrix Multiplication.
4:10

Writing a CUDA kernel requires a shift in mental model. Instead of one fast processor, you manage thousands of tiny threads. Here is the code and the logic explained for Matrix Multiplication.

Ashutosh Maheshwari

189,009 görüntüleme • 6 ay önce

❗️Chronomaly: Android kernel exploit for CVE-2025-38352, previously exploited in-the-wild. Targets vulnerable Linux kernels v5.10.x. GitHub:
0:23

❗️Chronomaly: Android kernel exploit for CVE-2025-38352, previously exploited in-the-wild. Targets vulnerable Linux kernels v5.10.x. GitHub:

Dark Web Informer

12,635 görüntüleme • 5 ay önce

Coming next week: New features in Dev Mode to bring design + dev closer. Annotations (!!), improvements to diffing, plugins, and the VS Code extension. What's shipping January 31 as Dev Mode moves out of free beta →
1:03

Coming next week: New features in Dev Mode to bring design + dev closer. Annotations (!!), improvements to diffing, plugins, and the VS Code extension. What's shipping January 31 as Dev Mode moves out of free beta →

Figma

789,315 görüntüleme • 2 yıl önce

On a previous #TeawithGaryVee I was asked "I'm looking for a job and I constantly interview. I'm working a seasonal job I hate too. How can I kill the interview and get that job?" If you have a question for me, drop it here so my team can add it to the next Rapid Fire Q&A and follow me on
10:46

On a previous #TeawithGaryVee I was asked "I'm looking for a job and I constantly interview. I'm working a seasonal job I hate too. How can I kill the interview and get that job?" If you have a question for me, drop it here so my team can add it to the next Rapid Fire Q&A and follow me on

Gary Vaynerchuk

18,075 görüntüleme • 3 ay önce

Sanctions Hit Linux Kernel, Russian Programmers Banned Biden's Executive Order 14071, forbids Russians from working with or using GPL'd software made in the USA. And that includes the Linux Kernel.
16:40

Sanctions Hit Linux Kernel, Russian Programmers Banned Biden's Executive Order 14071, forbids Russians from working with or using GPL'd software made in the USA. And that includes the Linux Kernel.

The Lunduke Journal

19,412 görüntüleme • 1 yıl önce