Et c’est là que je l’ai vue,maîtresse de toutes les peurs, assise là,à contempler l’inéluctable,Et je la vis rire pour la première fois,Puis elle se leva, s’en alla au loin,portée par l’appel du destin
AuthorLi_in
You have lost a critical file : Roll back time with ShadowExplorer
🤖 TL;DR If you save over a file by accident on Windows, and you had System Protection or backups enabled, VSS probably created a shadow copy — a hidden snapshot of your file from earlier. ShadowExplorer gives you an easy, GUI-based way to browse and export those previous versions. No time machine needed 🤗! The
Understanding Process Injection
Process injection is a technique used by attackers to inject malicious code into the memory space of a running process. Unlike process hollowing, which replaces the entire executable image of a process, process injection allows the attacker to run their payload within an existing process without altering its main execution flow. This technique is widely
Understanding Process Hollowing
Process hollowing is a stealthy technique used in malware development where an attacker starts a legitimate process and then replaces its executable code with malicious code. This allows the attacker to run their payload while maintaining the illusion that a trusted application is running. To understand how this works, we need to look at how
EDR internals
Understand how an EDR is built with this wonderful illustration