Hiding your .NET - ETW - XPN InfoSec Blog
In this post we will focus on Event Threading for Windows (ETW), how it is used to surface events on .NET assemblies, and how we can evade this kind of detection.| XPN InfoSec Blog
---| XPN InfoSec Blog
In this post we will focus on Event Threading for Windows (ETW), how it is used to surface events on .NET assemblies, and how we can evade this kind of detection.| XPN InfoSec Blog
Introduction In-memory tradecraft is becoming more and more important for remaining undetected during a red team operation, with it becoming common practice for blue teams to peek in to running...| MDSec
In this post I will be showing how to build a Azure DevOps pipeline for .NET projects, and hopefully show some techniques which I have found useful to modify build artifacts to make them a bit different, and in some cases, to increase the time it takes to analyse our tools if detected by Blue Team.| XPN InfoSec Blog
After the introduction of PowerShell detection capabilities, attackers did what you expect and migrated over to less scrutinised technologies, such as .NET. Fast-forward a few years and many of us...| MDSec
