Culbert Report

Detecting When Someone Isn't Who They Say They Are

Using PowerShell To Find Fraudulent DLLs We've talked a lot on here about offensive stuff as of late, so let's shift gears and think about some methods for detecting what we've done. In the image b...

Lessons In C2 From The CIA

Intro I've always wanted to make my own C2 framework but have never really found the inspiration to, until I came across a post from Byt3bl33d3r talking about modernizing the CIA's C2 framework. Th...

Custom Encoding For Shellcode

Tired of your payloads constantly getting detected? Tried MSFVenom and still had no luck making it past EDR? Then read on to learn how to make your own encoder. Preface: Before we ge...

Can You Tell Real From Fake: Lightshot Malware Campaign

Background: Lightshot is a utility for Windows and Macs that allows you to take screenshots of select portions of your screen. It's handy if you don't want to use the built in Windows function whic...

DLL Hijacking

What is DLL hijacking? DLL hijacking is an adversarial technique for exploiting trusted applications in order to load malicious code. There are many more advanced techniques than what I will displa...
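The two posts above ("Using PowerShell To Find Fraudulent DLLs" and "DLL Hijacking") are about the same trick from opposite sides: a planted DLL that a trusted application loads. The script below is an added example, written for this listing and not taken from either post, of the kind of triage a defender can run from an elevated PowerShell session. It enumerates the DLLs loaded into every running process and flags two things a hijacked or planted DLL usually exhibits: the file's Authenticode signature does not verify, or the file carries the name of a DLL that ships in System32 but was loaded from somewhere outside the Windows directory (the classic search-order hijack). The function name `Find-SuspiciousDll` and the output columns are my own choices.

```powershell
# Added example, not code from the Culbert Report posts.
# Assumes: Windows, an elevated PowerShell 5.1+ session (so that modules of
# most processes can be read), and that %SystemRoot% is the trusted baseline.
function Find-SuspiciousDll {
    [CmdletBinding()]
    param()

    $windir = $env:SystemRoot

    # Baseline: names of every DLL that ships in System32. A DLL with one of
    # these names loaded from an application directory is a hijack indicator.
    $systemNames = @{}
    Get-ChildItem -Path (Join-Path $windir 'System32') -Filter '*.dll' -File -ErrorAction SilentlyContinue |
        ForEach-Object { $systemNames[$_.Name.ToLowerInvariant()] = $true }

    $seen = @{}   # de-duplicate by full path; one DLL is often mapped into many processes

    foreach ($proc in Get-Process -ErrorAction SilentlyContinue) {
        # Reading .Modules throws for protected or cross-bitness processes; skip them.
        $modules = try { $proc.Modules } catch { $null }

        foreach ($m in $modules) {
            $path = $m.FileName
            if (-not $path) { continue }
            if (-not $path.EndsWith('.dll', 'OrdinalIgnoreCase')) { continue }
            if ($path.StartsWith($windir, 'OrdinalIgnoreCase')) { continue }  # trusted baseline for this pass
            if ($seen.ContainsKey($path)) { continue }
            $seen[$path] = $true

            $reasons = @()

            # Check 1: does the file carry a valid Authenticode (or catalog) signature?
            $sig = Get-AuthenticodeSignature -FilePath $path
            if ($sig.Status -ne 'Valid') { $reasons += "Signature:$($sig.Status)" }

            # Check 2: does it shadow a DLL name that belongs in System32?
            $name = [System.IO.Path]::GetFileName($path).ToLowerInvariant()
            if ($systemNames.ContainsKey($name)) { $reasons += 'ShadowsSystemDll' }

            if ($reasons.Count -gt 0) {
                [pscustomobject]@{
                    Process = $proc.ProcessName
                    PID     = $proc.Id
                    Dll     = $path
                    Signer  = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
                    Reason  = ($reasons -join ',')
                }
            }
        }
    }
}

# Usage: list the hits, most interesting reasons first.
Find-SuspiciousDll | Sort-Object Reason, Dll | Format-Table -AutoSize
```

Treat the output as a triage list rather than a verdict: plenty of legitimate third-party software ships unsigned DLLs, so an unsigned hit in an application directory needs a second look (hash lookup, vendor, file age), whereas a file named like a System32 DLL sitting next to an application binary is worth pulling immediately. The script only inspects DLLs already loaded; it will not find a planted DLL whose host application has not been launched yet.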

CVE-2020-13958 Full Kill Chain

CVE-2020-13958 - Breakdown In the simplest of terms, CVE-2020-13958 is an issue with OpenOffice where, upon opening specially crafted documents, a program or webpage can be opened with no user inte...

Defeating Defender

Causing issues with compilation

Examining Python Malware And AV Detection

What does Python malware look like? It comes in many flavors. Python ma...

Is Windows Defender Up To Par?

How Effective Is Defender? Short answer: effective enough. Long answer: read on. Testing Methodology: I have a bunch of random malware samples on my PC ranging from Mimikatz to ra...

Using YARA To Detect Python Executables

Python malware is on the rise, with many low-level criminals switching to it for its ease of use, low barrier to entry, and the many libraries available to choose from. However, the most widely used tools ...