Breaking Into the Windows Kernel: A Deep Dive into Exploitation Techniques
How do attackers gain access to the kernel? Where are the vulnerabilities that can be exploited? We outline possible approaches here.
Bypassing Modern Antivirus: Advanced Windows Token Manipulation with tWATa
This deep dive reveals how a tool we developed in-house inconspicuously duplicates Windows tokens, bypasses antivirus signatures, and obtains SYSTEM privileges.
Deep Dive into Stealthy Process Injection Techniques: Exploiting RWX Memory Regions
Attackers can abuse RWX memory regions in Windows using stealthy process injection techniques. A modern defense strategy helps.
Bypassing Windows Security: How SSH Tunnels Can Hide Meterpreter Traffic
A sophisticated attack technique: tunnelling Meterpreter via SSH to evade detection!
Trovent relies on “Nemesis” for Breach & Attack simulations
Effective protection through realistic attack scenarios: We use powerful technology from our partner PSI for our new offering.
Randomised C2 traffic: Can it be detected?
Is it possible to detect a randomised C2 agent based on network traffic data alone? We have tested it thoroughly.
Impacket Detection – Part II: Detecting Impacket Attacks with Trovent MDR
Find out how Trovent MDR's rule-based detection engine can be used to detect Impacket attacks.
Impacket Attack Detection: Introducing Yet Another ETW Tracing Tool
Our Trovent Security Research Team developed its own ETW tracing tool. We’ll explain how YAETWi makes life easier for malware analysts and pentesting experts.
Application Control as a Security Measure: How to Avoid Dangerous Configuration Errors
Restricting applications is an important IT protection measure. Here is what you must take into account when configuring application controls.
How Can C2 Traffic Be Detected in Regular IMAP Data Traffic?
Does the command and control traffic of an attack transmitted via IMAP remain "invisible"? Or can a purpose-built IMAP C2 agent be detected? Our Trovent Security Research Team tested this specific scenario.
Rising costs: Is cyber insurance still worthwhile?
Insurers are becoming increasingly strict and expensive when it comes to cyber insurance. These are the reasons. And here's how you can react to save costs.
ISO 27001: The right way to deal with technical vulnerabilities
Vulnerability management, catalog of measures, processes, tools, etc.: How can the requirements of the old and adapted ISO 27001 be met with regard to technical vulnerabilities? We answer the most important questions for companies.