Defense-Evasion

2 posts

/ghosttree-ntfs-defender-bypass/featured-image.png

GhostTree Makes Windows Defender Stop Scanning With Two Lines of Code

May 21, 2026

GhostTree makes Windows Defender stop scanning. Two lines of code, no admin rights, and malware sitting right next to it goes completely undetected. A Varonis …

/msbuild-lolbin-fileless-attack/featured-image.png

MSBuild LOLBin: How Hackers Run Malware on Windows Without Leaving a Trace

April 14, 2026

MSBuild.exe is a LOLBin, a legitimate Windows tool being abused to run malware on fully patched machines without dropping a single file on disk, and Windows …