Alex
@xaitax
Turning hacker instincts into boardroom insights.
New Chrome App-Bound Encryption Decryption, centered on a new evasion paradigm: Direct Syscall-Based Reflective Hollowing. 👻 Hollowing > Attaching: The entire injection workflow now targets CREATE_SUSPENDED processes. This gives uncontested control of the address space,…

Hey, @grok, who was the most famous person to visit my profile? It doesn't need to be a mutual, don't tag them, just say who it was.
This but I don’t block people because I grew up on the internet in the 90s
I post. I share strong views. Sometimes to challenge a perspective, sometimes just to hold up a mirror – and yes, sometimes like a bull in a china shop. It’s absolutely essential that you grow a thick skin. Mine’s backed by a block list of 920 people.
Apparently a controversial take here, but AI (bug-bounty) tools climbing to #1 on HackerOne US aren’t about creative hacking but about scale. Thousands of tests 24/7 + smart models = vulnerabilities. It’s the future whether you like it or not. linkedin.com/posts/alexhage…
Next version of my Chrome App-Bound Encryption Decryption tool: I am moving away from noisy process injection to a technique I'm coining: Reflective Hollowing. It's a hybrid: 1️⃣ Hollow out a legit process. 2️⃣ Inject a self-contained reflective payload. 3️⃣ The payload loads…
I need to develop an extension to block YouTube shorts - it's showing me now all the Pirate Software shit. If I want TikTok crap I go to TikTok. Please stop!
For anyone interested, Offensive COM hijacking is now available on YouTube. 🤠 youtube.com/watch?v=M_U2ne…
Golden dMSA: One key to rule them all. Just found a new flaw in Windows Server 2025's dMSAs that lets attackers brute-force ALL managed service account passwords with 1024 attempts. This research builds on the awesome research Golden gMSA (@YuG0rd). semperis.com/blog/golden-dm…
Chrome App-Bound Decryptor v0.13.0 has landed with a major stealth overhaul: 🚀 True Direct Syscall Engine: Bypasses user-land EDR/AV hooks on x64 & ARM64 using the "Hell's Gate" technique to find and execute raw syscall/svc gadgets. 🔒 Memory Hardening: Flips the injected…

Fresh release of my Chrome/Edge/Brave App-Bound Encryption decryptor is up. 🚀 Key architectural updates: 🧠 In-Memory Payload: The core DLL is embedded, encrypted with ChaCha20, and decrypted entirely in memory. No unencrypted file touches the disk. ⚙️ Direct Syscall RDI:…

Chrome App-Bound Encryption Decryptor v0.11 is here! 🚀 As a learning project, I've implemented a new Kernel-Level Execution Syscall Engine. It fuses Halo's Gate SSN deduction with a Tartarus Gate fallback for enhanced resilience against EDR hooks - fully operational on x64 &…

Submitted a PR to enhance ReflectiveDLLInjection in @Metasploit: ✅ ARM64 reflective loading (using resolved APIs, not syscalls!) ✅ Refactored x86/64/ARM32 loader ✅ Major injector CLI & feature upgrades ✅ API to pass params to DllMain Details: github.com/rapid7/Reflect……
Needed Reflective DLL Injection for Windows on ARM64 for a project, but public examples were nowhere to be found. So, here you go. My PoC adapts @stephenfewer's classic, detailing TEB/PEB access via x18 for ARM64. Hopefully useful for red team ops & offensive security…

The Windows Registry Adventure #8: Practical exploitation of hive memory corruption googleprojectzero.blogspot.com/2025/05/the-wi…