Team IT Security (TSEC) Nachrichtenportal Logo

⚠️ HallWatch: Usermode indirect syscall detection


Nachrichtenbereich: ⚠️ Malware / Trojaner / Viren
🔗 Quelle: reddit.com

Hello everyone! I built a C++ usermode detector for indirect syscalls called HallWatch. GitHub: https://github.com/Zypherion-Technologies/HallWatch Most usermode detections hook the start of Nt*... [Weiterlesen]

Sharing is caring on Social Media

Reddit
Telegram
LinkedIn
Xing
Twitter
Whatsapp
Facebook
Flipboard

🔧 Syscalls in Kubernetes: The Invisible Layer That Runs Everything


📈 792.02 Punkte
🔧 Programmierung

🔧 EDR/XDR Bypass and Detection Evasion Techniques: An Investigation of Advanced Evasion Strategies from a Red Team Perspective


📈 501.3 Punkte
🔧 Programmierung

🔧 The Art of Self-Mutating Malware


📈 399.45 Punkte
🔧 Programmierung

🔧 Go System Calls & Blocking: syscall Wrapping, Async vs Sync & GMP Separation


📈 366.16 Punkte
🔧 Programmierung

🔧 Build Your Own Container Runtime in Go: From Zero to a Running Isolated Process


📈 321.78 Punkte
🔧 Programmierung

⚠️ HallWatch: Usermode indirect syscall detection


📈 315.49 Punkte
⚠️ Malware / Trojaner / Viren

🔧 eBPF From Rust: The 34ms Ghost We Couldn’t See


📈 288.49 Punkte
🔧 Programmierung

🔧 Stage 0.2 — Operating System Fundamentals


📈 233.01 Punkte
🔧 Programmierung

🔧 Build a Container from Scratch in Go (Modern Namespaces + cgroup v2)


📈 221.92 Punkte
🔧 Programmierung

🔧 AI's Economic Impact Falls Short: Addressing the Gap Between Investment and Measurable Growth


📈 220.06 Punkte
🔧 Programmierung

🔧 Building a standard library HTTP Client in C, C++, Rust and Python idiomatically: The Rosetta Stone for Systems Programming


📈 217.33 Punkte
🔧 Programmierung

🔧 Seccomp in Docker: Advanced System Call Filtering for a Hardened Container Runtime


📈 199.72 Punkte
🔧 Programmierung

🔧 The Trusted Document Problem: Why Indirect Prompt Injection Is Now Your AI Agent's #1 Security Risk


📈 193.65 Punkte
🔧 Programmierung

🔧 Shipping Your Machine: Building a Container in 50 Lines of Code (Part 2)


📈 155.34 Punkte
🔧 Programmierung

🔧 What the futex? A linux concurrency fundamental


📈 144.25 Punkte
🔧 Programmierung

🔧 10,000 Lines of C, Real x86-64 Assembly for Critical Paths: Building Kernel-Level AI Security


📈 144.25 Punkte
🔧 Programmierung

🔧 Building a Web Server from Scratch (No, Actually)


📈 133.15 Punkte
🔧 Programmierung

🔧 Do LLM Agents Need an OS?


📈 133.15 Punkte
🔧 Programmierung

🔧 # 02 - Understanding eBPF Core Building Blocks


📈 133.15 Punkte
🔧 Programmierung

🔧 SunnyDayBPF: Post-Syscall User-Buffer Telemetry Deception with eBPF


📈 133.15 Punkte
🔧 Programmierung

🔧 Prompt Injection Doesn't Come from Your Users


📈 123.23 Punkte
🔧 Programmierung

🔧 Indirect Prompt Injection: The Complete Guide


📈 123.23 Punkte
🔧 Programmierung

🔧 Prompt Injection: What Security Managers Need to Know


📈 123.23 Punkte
🔧 Programmierung

🔧 The Subtleties of Vulnerability Scanning in Go Projects


📈 123.23 Punkte
🔧 Programmierung

🔧 io_uring Adventures: Rust Servers That Love Syscalls


📈 122.05 Punkte
🔧 Programmierung

🔧 Writing a tiny PID 1 for containers in pure assembly (x86-64 + ARM64)


📈 122.05 Punkte
🔧 Programmierung

🔧 Writing a BPF packet filter on macOS in Go


📈 110.96 Punkte
🔧 Programmierung

🐧 Fixing my broken system while breaking my fixed system: My 2 month beef with my own linux environment


📈 110.96 Punkte
🐧 Linux Tipps

🕵️ KVM Syscall Emulation Debugging erweiterte Rechte [CVE-2017-7518]


📈 110.96 Punkte
🕵️ Sicherheitslücken

📰 Master C and C++ with our new Testing Handbook chapter


📈 103.28 Punkte
📰 IT Security Nachrichten

🕵️ GitHub - Zypherion-Technologies/HallWatch: Usermode detector that catches indirect syscalls.


📈 101.63 Punkte
🕵️ Reverse Engineering

🔧 Building tiny-docker-go in Go: What I Learned from Building a Tiny Docker-like Runtime


📈 99.86 Punkte
🔧 Programmierung

🔧 We Built a 31-Agent AI Team That Hires Itself, Critiques Itself, and Dreams


📈 99.86 Punkte
🔧 Programmierung

🔧 Building Sandboxes into OpenCode: If You Give an LLM a Shell, You Lose (Part 2)


📈 99.86 Punkte
🔧 Programmierung

🔧 Why RISC-V is Perfect for Your Next Scripting Engine Backend


📈 99.86 Punkte
🔧 Programmierung