CSNotes Posts About

ad

ADCS
Adm
S4U2 and Delegation
Enum
LDAP
Cred Usage
Relay, Reflect
Replication
Roasting
KRB5 Forgery

ai

Applied
Data manipulation

bin

BinExp
FW RE
RE

crypto

CLI
Hashcracking

dev

vs EDR
IDE & git
Obfuscation
Resolution
Runtime obfuscation

infra svc

gitd
SIEM
SSHD

k8s svc

CD
Cert Managers
CSI
GitOps
IdP
Ingress
Load Balancers
Log Management
Monitoring
Registries
Secrets Management

k8s

Cred Usage
CRI
RBAC abuse
General
Helm
Misconfigs
Recon
Talos
Troubleshooting

net

ARP
BGP
DNS
DRP
FHRP
Libvirt networking
VLAN
VPLS
VXLAN
Wireguard

rf/hw

Cellular
Flash dump
RF
Serial
UEFI
WiFi

sys

Access control
Android
Data Exchange
FS
Linux graphics
Linux misc
MikroTik RouterOS
Persistence
Remote management
UAC bypasses

web2

Recon

Runtime obfuscation

active return address spoofing (synthetic stackframes, moonwalk)

https://dtsec.us/2023-09-15-StackSpoofin/
https://labs.withsecure.com/publications/spoofing-call-stacks-to-confuse-edrs
https://maxdcb.github.io/DreamWalkers/
https://www.elastic.co/security-labs/peeling-back-the-curtain-with-call-stacks
https://hulkops.gitbook.io/blog/red-team/x64-call-stack-spoofing
https://klezvirus.github.io/posts/Moonwalk-plus-plus/
https://github.com/WithSecureLabs/CallStackSpoofer
https://github.com/klezVirus/SilentMoonwalk
https://github.com/susMdT/LoudSunRun
https://github.com/maxDcb/DreamWalkers
https://github.com/NtDallas/Draugr

https://github.com/NtDallas/Draugr https://github.com/HulkOperator/Spoof-RetAddr

rust: https://github.com/joaoviictorti/uwd
https://github.com/rasta-mouse/GadgetHunter