Deep Dive into Stealthy Process Injection Techniques: Exploiting RWX Memory Regions
Attackers can abuse the RWX memory in Windows using secret process injection techniques. A modern defense strategy helps.
Bypassing Windows Security: How SSH Tunnels Can Hide Meterpreter Traffic
A sophisticated attack technique: tunnelling Meterpreter via SSH to evade detection!
Impacket Detection – Part II: Detecting Impacket Attacks with Trovent MDR
Find out how Trovent MDR's rule-based detection engine can be used to detect Impacket attacks.
Impacket Attack Detection: Introducing Yet Another ETW Tracing Tool
Our Trovent Security Research Team developed its own ETW tracing tool. We’ll explain how YAETWi makes life easier for malware analysts and pentesting experts.
Application Control as a Security Measure: How to Avoid Dangerous Configuration Errors
Restricting applications is an important IT protection measure. You must take this into account when configuring application controls.
Bypassing Modern Antivirus: Advanced Windows Token Manipulation with tWATa
This deep dive reveals how a tool we developed in-house inconspicuously duplicates Windows tokens, bypasses antivirus signatures, and opens SYSTEM privileges.