8erg
@8erg.bsky.social
🧪 | In The Lab
🧑‍💻 | Cybersecurity Consultant
🥊 | Debugging Life, One Round at a Time
How are you doing?

On my end, took some time off to clear my mind

I spent the last 2 weeks doing these:

➡️Boxing (I'm always boxing)
➡️Running…walking
➡️Fasting (what can I say, I'm kind of a masochist😂)

Back next week to face the love of my life…
August 22, 2025 at 1:24 AM
I just released a blog post about performing a DLL Proxying via OneDriveServiceUpdater.exe.

Why did I choose this one...just because I wanted to🤗.

But you can perform this with any other executable; the process is still the same

🔗Link: 8erg.github.io/posts/2025-0...
DLL Proxying with OneDrive
1. PREFACE To further weaponize my malware, I decided to implement DLL proxying, as it is widely used by threat actors and it also gives a lot of room for imagination and creativity. I will be cont...
July 28, 2025 at 3:45 AM
Who can tell me the problem here...?🫠
July 14, 2025 at 6:54 PM
Every vibe coder🙀

The zero-day that could've compromised every Cursor and Windsurf user

(Side note) But even editors like VS Code are prone to having malicious extensions too

www.bleepingcomputer.com/news/securit...
Learn how one overlooked flaw in OpenVSX discovered by Koi Security could've let attackers hijack millions of dev machines via an extension supply chain attack. The zero-day threat's been patched—but...
July 14, 2025 at 4:04 PM
I would say hands down that reverse engineering is the most important skill in cybersecurity or any other field (try to change my mind)
July 11, 2025 at 11:33 PM
Who's going to DEF CON this year?
July 5, 2025 at 5:41 AM
Here are some tools that I've discovered recently to test/verify AV evasion without burning my signatures:

🔗https://github.com/rasta-mouse/ThreatCheck
🔗https://github.com/BlackSnufkin/LitterBox
🔗https://github.com/CYB3RMX/Qu1cksc0pe

P.S.: Qu1cksc0pe is my favorite for now🤩
July 4, 2025 at 4:52 AM
I just got divorced...💔 Metasploit, I'm leaving you for SliverC2😂
Jokes aside, I recently experimented with Sliver C2 and wanted to share my experience.
#RedTeam #CyberSecurity #PenetrationTesting
July 3, 2025 at 3:46 AM
300 Malicious ‘Vapor’ Apps Hosted on Google Play Had 60 Million Downloads

The life of an Android user...😱

www.securityweek.com/300-maliciou...
300 malicious applications displaying intrusive full-screen interstitial video ads amassed more than 60 million downloads on Google Play.
March 24, 2025 at 3:59 PM
BTMOB RAT: Newly Discovered Android Malware Spreading via Phishing Sites

cyble.com/blog/btmob-r...
BTMOB RAT Newly Discovered Android Malware
Cyble analyzes BTMOB RAT, advanced Android malware actively spreading via phishing sites, leveraging Accessibility Services to steal credentials, control devices remotely, and execute various maliciou...
March 21, 2025 at 2:20 PM
Detecting Banker Malware Installed on Android Devices

devsec-blog.com/2024/03/dete...
Detecting Banker Malware Installed on Android Devices | DevSec Blog
Presenting Java detection mechanisms of Android malicious applications (Trojan bankers) that abuse AccessibilityService.
March 20, 2025 at 9:22 PM
Hundreds of Malicious Google Play-Hosted Apps Bypassed Android 13 Security With Ease

P.S.: Just learned recently that we can use native code inside an Android app😱 (I know I'm late...)

www.bitdefender.com/en-us/blog/l...
Bitdefender's security researchers have found a huge ad fraud campaign with hundreds of malicious apps in the Google Play Store
March 19, 2025 at 5:53 AM
OctoV2 Android Banking Trojan Masquerades as Deepseek AI in Phishing Attack

securityonline.info/octov2-andro...
Uncover the threat of OctoV2, an Android banking Trojan that deceives users through fake AI chatbot applications.
March 18, 2025 at 3:05 PM
How to detect and avoid malware on Android devices

www.kaspersky.com/resource-cen...
Android Malware Detection & Protection
Malware can target Android devices. Learn how to check for malware on Android & how to protect Android devices from malware.
March 18, 2025 at 1:23 AM
Android apps laced with North Korean spyware found in Google Play

arstechnica.com/security/202...
Google’s Firebase platform also hosted configuration settings used by the apps.
March 15, 2025 at 8:50 AM
Google, Apple, and Microsoft Rush to Patch Actively Exploited Zero-Day Vulnerability

securityonline.info/google-apple...
Learn how the Google Zero-Day Vulnerability is actively exploited, prompting critical updates from Google, Apple, and Microsoft.
March 15, 2025 at 8:45 AM
objection is a runtime mobile exploration toolkit, powered by Frida, built to help you assess the security posture of your mobile applications, without needing a jailbreak.

github.com/sensepost/ob...
GitHub - sensepost/objection: 📱 objection - runtime mobile exploration
March 8, 2025 at 7:28 PM
I bricked my Android so many times while trying to root it...😂

#Malware #Android #MobileHacking
March 7, 2025 at 1:33 AM
Just stumbled upon this, shoutout to the creator🙏

The aim of this book is to introduce ourselves in the world of binary instrumentation by using Frida toolkit.

Interesting to see this tool being used for desktop OS

LINK 🔗 : learnfrida.info
Frida HandBook
Frida handbook, resource to learn the basics of binary instrumentation in desktop systems (Windows, Linux, MacOS) with real-world examples.
March 5, 2025 at 9:56 AM