8erg

@8erg.bsky.social

🧪 | In The Lab 🧑‍💻 | Cybersecurity Consultant 🥊 | Debugging Life, One Round at a Time

36 Followers  |  49 Following  |  80 Posts  |  Joined: 16.11.2024  |  1.4738

Latest posts by 8erg.bsky.social on Bluesky

8erg at Taplink

taplink.cc/8erg

17.01.2026 23:51 — 👍 0    🔁 0    💬 0    📌 0

How are you doing?

On my end, took some time off, to clear my mind

I spent the last 2 weeks doing these:

➡️ Boxing (I'm always boxing)
➡️ Running…walking
➡️ Fasting (what can I say, I'm kind of a masochist 😂)

Back next week to face the love of my life…

22.08.2025 01:24 — 👍 2    🔁 0    💬 0    📌 0
DLL Proxying with OneDrive 1. PREFACE To further weaponize my malware, I decided to implement DLL proxying, as it is widely used by threat actors and it also gives a lot of room for imagination and creativity. I will be cont...

I just released a blog post about performing DLL proxying via OneDriveServiceUpdater.exe.

Why did I choose this one... just because I wanted to 🤗.

But you can perform this with any other executable; the process is still the same.

🔗 Link: 8erg.github.io/posts/2025-0...

28.07.2025 03:45 — 👍 1    🔁 0    💬 0    📌 0

Who can tell me the problem here...? 🫠

14.07.2025 18:54 — 👍 1    🔁 0    💬 0    📌 0
The zero-day that could've compromised every Cursor and Windsurf user Learn how one overlooked flaw in OpenVSX discovered by Koi Security could've let attackers hijack millions of dev machines via an extension supply chain attack. The zero-day threat's been patched—but...

Every vibe coder 🙀

The zero-day that could've compromised every Cursor and Windsurf user

(Side note) But even editors like VS Code are prone to having malicious extensions too

www.bleepingcomputer.com/news/securit...

14.07.2025 16:04 — 👍 1    🔁 0    💬 0    📌 0

I would say hands down that reverse engineering is the most important skill in cybersecurity or any other field (try to change my mind)

11.07.2025 23:33 — 👍 1    🔁 0    💬 0    📌 0

Who's going to DEF CON this year?

05.07.2025 05:41 — 👍 1    🔁 0    💬 0    📌 0

Here are some tools that I've discovered recently to test/verify AV evasion without burning my signatures:

🔗 https://github.com/rasta-mouse/ThreatCheck
🔗 https://github.com/BlackSnufkin/LitterBox
🔗 https://github.com/CYB3RMX/Qu1cksc0pe

P.S.: Qu1cksc0pe is my favorite for now 🤩

04.07.2025 04:52 — 👍 1    🔁 0    💬 0    📌 0

Useful resources:
🔗 Official docs: sliver.sh/docs?name=Ge...
🔗 Other open source C2s: howto.thec2matrix.com
🔗 Installation guide I used:

03.07.2025 03:47 — 👍 1    🔁 0    💬 0    📌 0

Key features for those who want the specs:
✅ Multi-platform support (Windows, Linux, macOS)
✅ Multiple transports (HTTP, HTTPS, mTLS, DNS, WireGuard)
✅ Feature extensions via "Armory"
✅ Much more (honestly, I haven't finished experimenting myself 😂)

03.07.2025 03:47 — 👍 1    🔁 0    💬 0    📌 0

👉 Sliver uses msfvenom (linked to Metasploit) for shellcode generation (I didn't really divorce, keeping my options open... 😂)
👉 By default, implants will be detected by AV - disable Windows Defender for testing
👉 Requires MSF 6.2+

03.07.2025 03:46 — 👍 1    🔁 0    💬 0    📌 0

I think Sliver is an excellent starting point (experts welcome to suggest others!), especially because it doesn't make you leave your terminal (if you don't like your terminal, you need to quit tech 😂).

03.07.2025 03:46 — 👍 1    🔁 0    💬 0    📌 0

I usually use Metasploit as my command & control in labs. It's effective for beginners, but since I want to learn more sophisticated attacks, the ideal is to use a C2 specifically designed for Red Team operations.

03.07.2025 03:46 — 👍 1    🔁 0    💬 0    📌 0

I just got divorced... 💔 Metasploit, I'm leaving you for SliverC2 😂
Jokes aside, I recently experimented with Sliver C2 and wanted to share my experience.
#RedTeam #CyberSecurity #PenetrationTesting

03.07.2025 03:46 — 👍 2    🔁 0    💬 5    📌 0
Katz Stealer Threat Analysis - Nextron Systems In-depth analysis of Katz Stealer malware: infection chain, data theft methods, and detection rules with YARA and Sigma examples.

www.nextron-systems.com/2025/05/23/k...

01.06.2025 12:58 — 👍 1    🔁 0    💬 0    📌 0
FluBot Android Malware Technical Analysis - ThreatMon Blog The FluBot it's an Android malware that targets Android devices and spreads to victims via phishing SMS messages that contain a malicious link to download the FluBot app. Victims click on this li...

FluBot Android Malware Technical Analysis

threatmon.io/flubot-andro...

25.03.2025 07:57 — 👍 1    🔁 0    💬 0    📌 0
300 Malicious 'Vapor' Apps Hosted on Google Play Had 60 Million Downloads 300 malicious applications displaying intrusive full-screen interstitial video ads amassed more than 60 million downloads on Google Play.

300 Malicious 'Vapor' Apps Hosted on Google Play Had 60 Million Downloads

The life of an Android user... 😱

www.securityweek.com/300-maliciou...

24.03.2025 15:59 — 👍 1    🔁 0    💬 0    📌 0
Android trojan TgToxic updates its capabilities Intel 471 mobile malware researchers recently discovered a campaign leveraging an updated version of TgToxic, an Android banking trojan. Here's an…

Android trojan TgToxic updates its capabilities

intel471.com/blog/android...

22.03.2025 13:02 — 👍 0    🔁 0    💬 0    📌 0
BTMOB RAT Newly Discovered Android Malware Cyble analyzes BTMOB RAT, advanced Android malware actively spreading via phishing sites, leveraging Accessibility Services to steal credentials, control devices remotely, and execute various maliciou...

BTMOB RAT: Newly Discovered Android Malware Spreading via Phishing Sites

cyble.com/blog/btmob-r...

21.03.2025 14:20 — 👍 0    🔁 1    💬 0    📌 0
Detecting Banker Malware Installed on Android Devices | DevSec Blog Presenting Java detection mechanisms of Android malicious applications (Trojan bankers) that abuse AccessibilityService.

Detecting Banker Malware Installed on Android Devices

devsec-blog.com/2024/03/dete...

20.03.2025 21:22 — 👍 1    🔁 0    💬 0    📌 0
Hundreds of Malicious Google Play-Hosted Apps Bypassed Android 13 Security With Ease Bitdefender's security researchers have found a huge ad fraud campaign with hundreds of malicious apps in the Google Play Store

Hundreds of Malicious Google Play-Hosted Apps Bypassed Android 13 Security With Ease

P.S.: Just learned recently that we can use native code inside an Android app 😱 (I know I'm late...)

www.bitdefender.com/en-us/blog/l...

19.03.2025 05:53 — 👍 0    🔁 0    💬 0    📌 0
OctoV2 Android Banking Trojan Masquerades as Deepseek AI in Phishing Attack Uncover the threat of OctoV2, an Android banking Trojan that deceives users through fake AI chatbot applications.

OctoV2 Android Banking Trojan Masquerades as Deepseek AI in Phishing Attack

securityonline.info/octov2-andro...

18.03.2025 15:05 — 👍 0    🔁 0    💬 0    📌 0
An Analysis of Security System for Intrusion in Smartphone Environment There are many malware applications in Smartphone. Smartphone's users may become unaware if their data has been recorded and stolen by intruders via malware. Smartphone—whether for business or persona...

An Analysis of Security System for Intrusion in Smartphone Environment

pmc.ncbi.nlm.nih.gov/articles/PMC...

18.03.2025 01:25 — 👍 0    🔁 0    💬 0    📌 0
Android Malware Detection & Protection Malware can target Android devices. Learn how to check for malware on Android & how to protect Android devices from malware.

How to detect and avoid malware on Android devices

www.kaspersky.com/resource-cen...

18.03.2025 01:23 — 👍 0    🔁 0    💬 0    📌 0
Banking data theft attacks on smartphones triple in 2024, Kaspersky reports The number of Trojan banker attacks on smartphones surged by 196% in 2024 compared to the previous year, according to a Kaspersky report "The mobile malware threat landscape in 2024" released at Mobil...

Banking data theft attacks on smartphones triple in 2024, Kaspersky reports

www.kaspersky.com/about/press-...

16.03.2025 23:15 — 👍 0    🔁 0    💬 0    📌 0
Android apps laced with North Korean spyware found in Google Play Google's Firebase platform also hosted configuration settings used by the apps.

Android apps laced with North Korean spyware found in Google Play

arstechnica.com/security/202...

15.03.2025 08:49 — 👍 1    🔁 0    💬 0    📌 0
Google, Apple, and Microsoft Rush to Patch Actively Exploited Zero-Day Vulnerability Learn how the Google Zero-Day Vulnerability is actively exploited, prompting critical updates from Google, Apple, and Microsoft.

Google, Apple, and Microsoft Rush to Patch Actively Exploited Zero-Day Vulnerability

securityonline.info/google-apple...

15.03.2025 08:45 — 👍 1    🔁 0    💬 0    📌 0
GitHub - sensepost/objection: 📱 objection - runtime mobile exploration 📱 objection - runtime mobile exploration. Contribute to sensepost/objection development by creating an account on GitHub.

objection is a runtime mobile exploration toolkit, powered by Frida, built to help you assess the security posture of your mobile applications, without needing a jailbreak.

github.com/sensepost/ob...

08.03.2025 19:28 — 👍 1    🔁 1    💬 0    📌 0

Any recommendation for it to be less painful?

07.03.2025 01:34 — 👍 0    🔁 0    💬 0    📌 0

xdaforum is your best friend, you'll probably find the steps required for your mobile phone...good luck!

07.03.2025 01:33 — 👍 1    🔁 0    💬 0    📌 0

@8erg is following 18 prominent accounts