Phantom Security Group

At @phantomcybersec we save your Red Team time and, in-turn, save you money. Operators get to spend more time operating and less developing and debugging. Purchase EvadeX, with our Guarantee that it will bypass your target security product, and your operators will thank you.

When you train with offensive tooling that pushes beyond what most real-world APTs are capable of, real incidents stop feeling chaotic. EvadeX gives red teams access to advanced, continuously evolving evasion so exercises demand clearer thinking than an actual attacker ever will.

EvadeX just got a solid round of upgrades. We’ve recently updated a number of anti-analysis features, improved our C# obfuscator, and expanded the portal with in-depth details and operator resources so you can make your operations more evasive based on the C2 framework you use.

Great talking with Matteo Wong @TheAtlantic the other day about smishing and the Smishing Triad, along with the new Google lawsuit against the group. Highly recommend reading Matteo’s article here: theatlantic.com/technology/202…

drawn-out setups. 💻 This offer is available only to verified members or red teams at legitimate companies based in NATO countries or Australia. Verification is required before a license is issued. Reach out today: info(@)phantomsec.tools

🛑 Stuck trying to bypass EDRs every engagement, or paying providers who make you chain 5 to 10 options before anything even runs? Try EvadeX with a one-week trial you can use on real engagements to test templates, validate evasions, and see how a simple selection beats long, …

A little shocked and awstruck that we are even on the radar of this multi-billion dollar company, but shows we are doing something right.

All while using our simple point and click evasion templates. That outcome demonstrates our focus on practical, repeatable effectiveness rather than flashy one-offs. Learn more at phantomsec.tools

We design EvadeX and our evasion templates to be resilient, not a long, drawn out process of chaining a bunch of steps together to hopefully work on your end. CONT. BELOW

A recent red team engagement highlighted why that approach matters: “We were able to get a working payload using EvadeX and Adaptix C2 that could run commands within a sensitive environment, including interacting with LSA/SAM, without detection from CrowdStrike with Overwatch.”

New EvadeX Release Tonight! This includes multiple new features and execution techniques along with a new C# obfuscater to assist in your post exploration needs.

Register here: lu.ma/6jikit3g

BYOVD is no longer required on modern Windows. a bunch of recent msft kernel patches just shove vulnerable kernel code behind a privilege check. I wonder if we will see threat actors leveraging this like they did BYOVD. no bringing along a driver and loading also means less IOCs

From Hacking to Entrepreneurship: The PhantomSec Story thehackermaker.com/from-hacking-t…

Are you an offensive security engineer, manager, director, or just a 1337 hacker who will be at DEF CON? Join the PhantomSec team after for our Post-DEF CON Meetup! Will be a great place to grab a drink, some food, and to chat with other offsec folks after the busy week.

@phantomcybersec Thought this was cool, so here's a rust library of the PoC in the blog post: github.com/Teach2Breach/p…

FileFix - A ClickFix Alternative mrd0x.com/filefix-clickf…

@S1n1st3rSecuri1 💅

Here it is!!

The wait is over! Our stealthy Windows persistence technique (PhantomPersist) is now out! Read the blog post here: blog.phantomsec.tools/phantom-persis…