![](https://www.localpotato.com/localpotato_html/images/image7.png)
No more JuicyPotato? Old story, welcome RoguePotato!
![](https://1.bp.blogspot.com/-74LvlyHwtuM/Xw4bETWO70I/AAAAAAAAAFU/_pS6GwnD1s4mu4jQp_p2ptKvUrNnXMR3ACLcBGAsYHQ/w1200-h630-p-k-no-nu/img6.png)
by splinter_code & decoder_it - 11 May 2020 After the hype we (@splinter_code and me) created with our recent tweet, it's time t...
Locky Ransomware is back! 49 domains compromised!
![](https://i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2016/06/locky-ransomware-1.png)
by splinter_code - 26 June 2016 Locky ransomware starts up again its illegal activity of stealing money from their victims after a temporary inactivity since the end of May. This time, it comes with hard-coded javascript...
New Locky variant - Zepto Ransomware Appears On The Scene
by splinter_code - 7 July 2016 New threat dubbed Zepto Ransomware is spreading out with a new email spam campaign. It is a variant of the...
Reverse Engineering a JavaScript Obfuscated Dropper
![](https://1.bp.blogspot.com/-KmKpKN4xoK4/Xw4UARHHVOI/AAAAAAAAAEg/MOKGQemsNAkOFFOyJXgwKW5zKC5LgLmYACLcBGAsYHQ/w1200-h630-p-k-no-nu/main.jpg)
by splinter_code - 31 July 2017 1. Introduction Nowadays one of the techniques most used to spread malware on Windows systems is...
Weaponizing Mapping Injection with Instrumentation Callback for stealthier process injection
![](https://1.bp.blogspot.com/-kIdCJN2OcQ8/XwHFoMR7X7I/AAAAAAAAAC8/THZ-0pbB-ZgrWCeNfl1Wt5J0NkHaELnQACLcBGAsYHQ/w1200-h630-p-k-no-nu/KiSetupForInstrumentationReturn.png)
by splinter_code - 16 July 2020 Process Injection is a technique to hide code behind benign and/or system processes. This technique is u...
RomHack2020 - Windows Privilege Escalations: Still abusing local service accounts to get SYSTEM privileges
Slides here: https://github.com/antonioCoco/infosec-talks/blob/main/RomHack2020_Windows_Privilege_Escalations_Still_abusing_Service_Acco...
Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol
![](https://it.sentinelone.com/wp-content/uploads/labs/2021/04/Copy-of-Relaying-Potatoes_-DCE_RPC-NTLM-Relay-EOP-2.jpg)
by splinter_code & decoder_it - 26 April 2021 Executive Summary Every Windows system is vulnerable to a particular NTLM relay attack...
We thought they were potatoes but they were beans (from Service Account to SYSTEM again)
by splinter_code - 6 December 2019 This post has been written by me and two friends: @splinter_code and 0xea31 This is the "unintended...