https://lipeozyy.github.io/Ozyymalware analysis | reverse enginer 2026-04-11T11:14:50+00:00 Felipe https://lipeozyy.github.io/ Jekyll © 2026 Felipe /assets/img/favicons/favicon.ico /assets/img/favicons/favicon-96x96.png Toast phishing operations: Abusing Windows notifications for initial access2026-03-09T00:00:00+00:00 2026-03-09T00:00:00+00:00 https://lipeozyy.github.io/posts/Toast-Phishing-Operations-Abusing-Windows-Notifications-for-Initial-Access/ Felipe ⚠️ Disclaimer | Educational Purpose Only This content is provided strictly for educational and research purposes. All techniques, concepts, and examples discussed in this post are intended to support the study of information security, malware analysis, and defensive research in controlled and legal environments. The author does not encourage, support, or condone the use of this materi... Reverse engineering a trojanized VSCode extension2026-03-09T00:00:00+00:00 2026-03-26T19:57:24+00:00 https://lipeozyy.github.io/posts/Reverse-Engineering-a-Trojanized-VSCode-Extension/ Felipe Introduction Hello everyone! Since it’s been a long time since I last brought a malware analysis or reverse engineering post, I’ve decided to share a very interesting case today. I’ve been researching something to showcase here and found a campaign where the artifact poses as a VS Code AI assistance extension. On the surface, it promises to be a “free” code generation assistant, but package ins... Windows Persistence (Part 1): Default file extension hijacking2026-03-09T00:00:00+00:00 2026-03-09T00:00:00+00:00 https://lipeozyy.github.io/posts/Windows-Persistence-(Part-1)-Default-File-Extension-Hijacking/ Felipe ⚠️ Disclaimer | Educational Purpose Only This content is provided strictly for educational and research purposes. All techniques, concepts, and examples discussed in this post are intended to support the study of information security, malware analysis, and defensive research in controlled and legal environments. The author does not encourage, support, or condone the use of this materi... Exploring the Kernel-Mode attack surface: Reverse engineering a vulnerable Driver abused to terminate EDRs2026-03-02T00:00:00+00:00 2026-03-02T00:00:00+00:00 https://lipeozyy.github.io/posts/Exploring-the-Kernel-Mode-attack-surface-Reverse-engineering-a-vulnerable-Driver-abused-to-terminate-EDRs/ Felipe ⚠️ Disclaimer | Educational Purpose Only This content is provided strictly for educational and research purposes. All techniques, concepts, and examples discussed in this post are intended to support the study of information security, malware analysis, and defensive research in controlled and legal environments. The author does not encourage, support, or condone the use of this materi... APC injection2026-03-02T00:00:00+00:00 2026-03-04T02:37:49+00:00 https://lipeozyy.github.io/posts/APC-injection/ Felipe ⚠️ Disclaimer | Educational Purpose Only This content is provided strictly for educational and research purposes. All techniques, concepts, and examples discussed in this post are intended to support the study of information security, malware analysis, and defensive research in controlled and legal environments. The author does not encourage, support, or condone the use of this materi...