My intent with the post is to put out documentation for Mimidrv, but also show some of the specifics of why operating in the kernel is so powerful and demonstrate the practical application through existing tooling. 2/3
I want to sincerely thank @gentilkiwi for releasing Mimidrv. It is an invaluable resource for understanding how we can leverage kernel functions for offense. 3/3
New conversation
It's surprising we don't see more kernel-level implants. Or maybe the problem is just that - we don't see them.
I wanted to provide detection guidance w/ this post for that same reason. The barrier to entry is pretty high, both in development and deployment, so I'm not surprised they aren't more common, but I think we're in a good spot to build robust detections ahead of increased use.
New conversation
Very well written, really enjoyed the reading!