You're right. We need to be the authors of everything, so we know how to defend against it. Leaving 10% to malicious actors where we can only react to it, is unacceptable. 100% it is!!!

Kill chain is a flawed concept when conceptualizing anything beyond the most basic of threats. We need to move past that mind set and see the bigger, more creative picture.

Is this the same person writing or are you sharing ur account? blog.0day.rocks/hiding-through…

Yes, the negative impact of this being used by criminals is way less than many other things being released. Also, it was already used before publication. It’s a calculated risk. The keyword here being "calculated".

yes. Logging/alerting for using SeDebugPrivilege for example.

When most of those tools are detected easily and many use vulns easily patched, i dont think the community is to blame. Especially when that same community has been trying to get orgs to patch for decades now

How many APTx reley in FOS OST ?

yep, so i can sell more malware and exploits to SK, that will contain backdoors. And sec tests will get more time consuming so it will be more time for attacker. It will be nOce. )