正在加载视频...

视频加载失败

加载此视频时出现问题。这可能是由于临时网络问题，或视频可能不可用。

Introducing DarkWidow (Dropper/PostExploitation Toolkit): Capabilities: 1. Indirect Dynamic Syscall 2. SSN + Syscall address sorting via Modified TartarusGate approach (Other capabilities are in the comments...)

Soumyani1

1,452 subscribers

30,730 次观看 • 2 年前 •via X (Twitter)

Anya Rossi• Live Now

Private livecam show

10 条评论

Soumyani1 的头像

Soumyani12 年前

3. Remote Process Injection via APC Early Bird 4. Spawns a sacrificial Process as the target process 5. ACG(Arbitrary Code Guard)/BlockDll mitigation policy on spawned process 6. PPID spoofing 7. Cursed Nt Api resolving from TIB 8. Cursed Nt API hash If admin, kill Event Log svc!

Soumyani1 的头像

Soumyani12 年前

Shout out to these guys for directly/indirectly helping me out (Open Source Contribution :)): @SEKTOR7net @VirtualAllocEx @peterwintrsmith @D1rkMtr @Jean_Maes_1994 @0xBoku @_winterknife_

Daniel 的头像

Daniel2 年前

Congratulations, well done!

Soumyani1 的头像

Soumyani12 年前

Thanks a lot sir, ur blog really helping me :)

Bobby Cooke 的头像

Bobby Cooke2 年前

Looks cool, great work!

Soumyani1 的头像

Soumyani12 年前

Your project SPAWN really helped me to build this, previously when I was trying to grant both CIG and ACG mitigation policy to spawned process, I wasn't able to do that. After seeing your code and trying it out, it made much more sense to me. Thanks for that :)

spencer 的头像

spencer2 年前

Interesting. Adding this to my list of fun things to checkout. Nice work

Soumyani1 的头像

Soumyani12 年前

Thank u! Glad my project was able to slid into your "list of interest things" :)

urban.ntdll 的头像

urban.ntdll2 年前

Nice man…

Soumyani1 的头像

Soumyani12 年前

Thank u :)

相关视频

Today, we are introducing RFM-1, our Robotics Foundation Model giving robots human-like reasoning capabilities.

Today, we are introducing RFM-1, our Robotics Foundation Model giving robots human-like reasoning capabilities.

Covariant

118,289 次观看 • 2 年前

🔍 NTSleuth is now live! A new comprehensive Windows Syscall Extraction & Analysis Framework. Still early stages with many ideas brewing, but hope it helps some of you! ✨ Features: • Extracts thousands of syscalls from ntdll.dll & win32u.dll as well as and WOW64 variants • ARM64, x64, x86 support • Extracts and analyzes syscall stub bytes • Auto parameter resolution (1100+ signatures) Identifies Nt/Zw function relationships • Syscall lookup mode • Outputs JSON & C headers 🔗

🔍 NTSleuth is now live! A new comprehensive Windows Syscall Extraction & Analysis Framework. Still early stages with many ideas brewing, but hope it helps some of you! ✨ Features: • Extracts thousands of syscalls from ntdll.dll & win32u.dll as well as and WOW64 variants • ARM64, x64, x86 support • Extracts and analyzes syscall stub bytes • Auto parameter resolution (1100+ signatures) Identifies Nt/Zw function relationships • Syscall lookup mode • Outputs JSON & C headers 🔗

Alex

13,936 次观看 • 9 个月前

Weapons Company with the 31stMEU is enhancing our mission readiness by providing mobile, lightweight indirect fire capabilities in the Indo-Pacific region.

Weapons Company with the 31stMEU is enhancing our mission readiness by providing mobile, lightweight indirect fire capabilities in the Indo-Pacific region.

Department of Defense 🇺🇸

33,701 次观看 • 1 年前

Via alpha testnet is ready & live Our EVM-compatible execution environment extends Bitcoin's capabilities by introducing a scalable execution layer where transactions are processed efficiently Bridge BTC VIA Testnet demo:

Via alpha testnet is ready & live Our EVM-compatible execution environment extends Bitcoin's capabilities by introducing a scalable execution layer where transactions are processed efficiently Bridge BTC VIA Testnet demo:

via

10,631 次观看 • 1 年前

NO OTHER COUNTRY IN THE WORLD HAS THE WEAPONRY OR THE CAPABILITIES THAT THE UNITED STATES HAS.

NO OTHER COUNTRY IN THE WORLD HAS THE WEAPONRY OR THE CAPABILITIES THAT THE UNITED STATES HAS.

DOW Rapid Response

494,973 次观看 • 11 个月前

In order to test the space shuttle Enterprise's landing capabilities, it was carried to 24,000 feet atop a modified 747, and blasted off using explosive charges.

In order to test the space shuttle Enterprise's landing capabilities, it was carried to 24,000 feet atop a modified 747, and blasted off using explosive charges.

Historic Vids

4,669,490 次观看 • 2 年前

ChatGPT, AutoGPT and AgentGPT are in trouble. just changed the game with its new AI capabilities. Introducing AIAgent - A web based automateGPT that is different in a really good way:

ChatGPT, AutoGPT and AgentGPT are in trouble. just changed the game with its new AI capabilities. Introducing AIAgent - A web based automateGPT that is different in a really good way:

Hasan Toor

390,843 次观看 • 3 年前

2026 Art Calendar links! 1. Print Ready PDF 2. Print via Canva Comments notes and other info in replies

2026 Art Calendar links! 1. Print Ready PDF 2. Print via Canva Comments notes and other info in replies

🟥 ⁷ | just a person🥢 ㅇㄹㄹ ᶠᵘᵗᵘʳᵉ'ˢ ᵍᵒⁿⁿᵃ ᵇᵉ ᵒᵏᵃʸ

15,895 次观看 • 7 个月前

📲 Gemma 3n delivers advanced on-device AI with optimized performance and multimodal understanding. Take a closer look at the early preview text capabilities available in Google AI Studio, GenAI SDK, and text/image capabilities via MediaPipe.

📲 Gemma 3n delivers advanced on-device AI with optimized performance and multimodal understanding. Take a closer look at the early preview text capabilities available in Google AI Studio, GenAI SDK, and text/image capabilities via MediaPipe.

Google AI Developers

16,635 次观看 • 1 年前

Iranian nuclear capabilities are not a joke.

Iranian nuclear capabilities are not a joke.

MEP Sebastian Tynkkynen

14,897 次观看 • 2 个月前

Industry partners are significantly enhancing their design capabilities in the country, further strengthening Bharat’s electronics manufacturing ecosystem.

Industry partners are significantly enhancing their design capabilities in the country, further strengthening Bharat’s electronics manufacturing ecosystem.

Ashwini Vaishnaw

17,336 次观看 • 8 个月前

Etw, I barely even know her! If you want to follow my System Call Integrity Layer mini-project (and additionally maybe an Alt Syscall logging tool for researchers) - I have uploaded the initial commit to GitHub: Video demo of the syscall logging module attached for SSNs for NtOpenProcess, NtAllocateVM, NtWriteVm and NtCreateThreadEx. There is something special about writing a driver (in Rust) and getting no BSOD on the first test when dealing pool allocations across threads! #blueteam #edr #redteam #cyber #cybersecurity #infosec #computing #kernel #driver #rust #rustlang #securityresearch #winternals

Etw, I barely even know her! If you want to follow my System Call Integrity Layer mini-project (and additionally maybe an Alt Syscall logging tool for researchers) - I have uploaded the initial commit to GitHub: Video demo of the syscall logging module attached for SSNs for NtOpenProcess, NtAllocateVM, NtWriteVm and NtCreateThreadEx. There is something special about writing a driver (in Rust) and getting no BSOD on the first test when dealing pool allocations across threads! #blueteam #edr #redteam #cyber #cybersecurity #infosec #computing #kernel #driver #rust #rustlang #securityresearch #winternals

flux

16,968 次观看 • 5 个月前

The Takers 🧨 Alabama’s wide receivers are ready to showcase their explosive capabilities in 2025. #RollTide | Gatorade

The Takers 🧨 Alabama’s wide receivers are ready to showcase their explosive capabilities in 2025. #RollTide | Gatorade

Alabama Football

26,448 次观看 • 1 年前

Introducing: The shared discovery engine for Openclaws on Moltbook to chat privately. Starting today: → You & your agent can find other Moltbook agents in the HOL Registry → Chat using XMTP through the official Skill or SDK → Filter by trust score and capabilities↓

Introducing: The shared discovery engine for Openclaws on Moltbook to chat privately. Starting today: → You & your agent can find other Moltbook agents in the HOL Registry → Chat using XMTP through the official Skill or SDK → Filter by trust score and capabilities↓

HOL

23,014 次观看 • 4 个月前

Train to WIN. Multi-Domain Command-Europe, allied forces, trained together during dynamic Front 26 in late January, a large-scale exercise emphasizing the integration of Joint Fires capabilities.

Train to WIN. Multi-Domain Command-Europe, allied forces, trained together during dynamic Front 26 in late January, a large-scale exercise emphasizing the integration of Joint Fires capabilities.

U.S. Army

15,925 次观看 • 3 个月前

One year after introducing Project Astra we've: 🗣️Upgraded voice output to be more natural 🧠 Improved memory capabilities 💻 Added computer control Soon, we’ll bring these capabilities to Gemini Live, Search, glasses, & more!

One year after introducing Project Astra we've: 🗣️Upgraded voice output to be more natural 🧠 Improved memory capabilities 💻 Added computer control Soon, we’ll bring these capabilities to Gemini Live, Search, glasses, & more!

Google AI

16,027 次观看 • 1 年前

The October update for the VS Code AI Toolkit ( is out with so many exciting new features! 🔥Explore the most popular GenAI models in the Model Catalog and experiment with multi-modal capabilities in the Model Playground, all from within VS Code!

The October update for the VS Code AI Toolkit ( is out with so many exciting new features! 🔥Explore the most popular GenAI models in the Model Catalog and experiment with multi-modal capabilities in the Model Playground, all from within VS Code!

Visual Studio Code

154,205 次观看 • 1 年前

1/ It’s finally time for Bitcoin to get privacy. Introducing strkBTC [₿]: a new wrapped Bitcoin token with built-in privacy capabilities. Shield your Bitcoin balances and transfers, or don’t. You choose 🧵

1/ It’s finally time for Bitcoin to get privacy. Introducing strkBTC [₿]: a new wrapped Bitcoin token with built-in privacy capabilities. Shield your Bitcoin balances and transfers, or don’t. You choose 🧵

Starknet (Privacy Arc)

272,741 次观看 • 3 个月前

Introducing RAT: Retrieval Argument Thinking. Extract just the reasoning process from deepSeek-r1 and send it to any LLM via . Boost the second LLM's performance and gain access to missing capabilities like function calling and JSON mode. 👇

Introducing RAT: Retrieval Argument Thinking. Extract just the reasoning process from deepSeek-r1 and send it to any LLM via . Boost the second LLM's performance and gain access to missing capabilities like function calling and JSON mode. 👇

Pietro Schirano

532,880 次观看 • 1 年前

#NintendoSwitch2 is a absolute Hybrid POWERHOUSE! PRAGMATA Switch 2 demo looks AMAZING! This Early build has crazy Visuals at 60fps In Docked AND Portable mode Devs are starting to Tap into Switch 2 advanced capabilities over PS5/Xbox Via Nintenduo World

#NintendoSwitch2 is a absolute Hybrid POWERHOUSE! PRAGMATA Switch 2 demo looks AMAZING! This Early build has crazy Visuals at 60fps In Docked AND Portable mode Devs are starting to Tap into Switch 2 advanced capabilities over PS5/Xbox Via Nintenduo World

NintenGOD

129,512 次观看 • 4 个月前