I'm glad to share my talk at @botconf.infosec.exchange.ap.brid.gy 2025!
Do you want to know how we compare a sample with 150k others in seconds on @exalyze.bsky.social? This talk is made for you๐
At the end, you'll get a hint on what's coming next for Exalyze ๐
youtube.com/watch?v=TS8X...
exalyze.io
I wanted to know how WMI Win32_OperatingSystem.Caption get the correct Version number (ex: "Microsoft Windows 11 Pro").
Turns out it's a DLL export: winbrand!BrandingLoadString.
And there is a patent for that : patentimages.storage.googleapis.com/94/ab/cb/7c1...
A companion blog to my Bluehat 2024 presentation on OleView.NET is up now. googleprojectzero.blogspot.com/2024/12/wind...
3+ YEARS of stealth! We uncovered new tactics used by the perfctl malware, including a userland rootkit & an SSH backdoor (a single SPACE in /etc/passwd!). More insights: blog.exatrack.com/Perfctl-usin... #cybersecurity #threat_hunting #linux #infosec #perfctl #rootkit #ssh #exatrack