Shlyuz Implant Framework: Part 3 - Initial Release Usage
2022-08-21
Part 1 of this series dove into the influences of Shlyuz. Part 2 of this series dove into the architecture and research of the communication and crypto model. This part hopes to provide a quickstart guide for the current iteration of the released codebase.
Shlyuz Implant Framework: Part 2 - Communication and Encryption
2022-01-19
Part 1 of this series dove into the influences of Shlyuz. This part will dive into the Shlyuz communication protocol and the way cryptography is used.
Shlyuz Implant Framework: Part 1 - Influences
2022-01-08
Overview
I’m excited to finally discuss and share the Proof-of-Concept code for an implant framework I wrote called Shlyuz (шлюз). Shlyuz takes a number of design cues from the Assassin Implant developed by the Central Intelligence Agency as described in the Vault7 Leak from WikiLeaks. Some additional inspirations were taken from some other projects and presentations such as the excellent Flying a False Flag presentation from Blackhat 2019 by Nick Landers, among others.
Tales from the Terminal: Silly Sudo Backdoors
2022-01-07
Overview
I once encountered a situation where I had local, unprivileged user access to a Linux server, and desired to escalate privileges. The server had a number of security monitoring solutions on it (e.g. EDR, shell history auditing), and normal methods that one would rely on to escalate privileges were failing. For example:
Hello World
2022-01-05
It’s time. I’m gonna give blogging another shot. No more fear.