eeriedusk
10 posts

eeriedusk retweeted

Hunting for the last sudo vulnerability skyblue.team/posts/unsafe-c…
eeriedusk retweeted

Scanner for CVE-2024-4040 (CrushFTP VFS Escape)
github.com/airbus-cert/CV…

I'm happy to release my last eBPF project: A stealth post-exploitation container. 😈
The idea was to make an easy to use program to fly under the radar of Auditd, ps, netstat, etc...
Take a look at nysm! I hope you're gonna like it. 😉
github.com/eeriedusk/nysm
eeriedusk retweeted

He is awesome: My fellow @eeriedusk from the Airbus CERT added file hashes to process execution event logs to Sysmon for Linux, congrats man!
github.com/Sysinternals/S…
Let's try to have feature parity with the Windows version now.
eeriedusk retweeted

Applying #yara rules on Time Travel Debugging (#ttd) traces : Welcome yara-ttd !!! #SSTIC
github.com/airbus-cert/ya…
eeriedusk retweeted

🥁 We have the winners of the Hex-Rays Plugin Contest 2022! Our congratulations go to:
🥇 ttddbg by @simsor and @citronneur
🥈 ida_kcpp by Uriel Malin and Ievgen Solodovnykov
🥉 FindFunc by Felix B.
Take a look at the full list: hex-rays.com/contests_detai…
#PluginContest #IDA

eeriedusk retweeted

🐧Reversing eBPF using IDA🐧
skyblue.team/posts/ebpf-yag…
🚁🛰️✈️

Here is Knockles 🦔! An eBPF port knocking tool made to remotely open a TCP connection while being completely invisible to port scanners.
Enjoy! 🚪🐝
github.com/eeriedusk/knoc…