Centurion: LLM-Assisted Custom Virtual Machine Loader Evades EDR with TLS Bind Shell

By HackMoN Ai

2h ago · 8 min read

Summary

Praetorian's Centurion is a proof-of-concept virtualized loader that uses a custom x86-64-inspired instruction set architecture (ISA) and a freestanding C runtime to deliver a TLS bind shell entirely within an interpreter layer, evading traditional EDR systems. The project was developed in one week with LLM assistance, demonstrating how AI can accelerate the creation of sophisticated malware techniques. The loader executes a fully functional TLS bind shell that hides inside a custom virtual machine, making detection by security tools significantly more difficult.

Key quotes

Attackers are increasingly leveraging custom virtual machines (VMs) to evade traditional endpoint detection and response (EDR) systems.
Praetorian's Centurion pushes this boundary further—a virtualized loader built around a bespoke x86-64-inspired instruction set architecture (ISA) and a freestanding C runtime.
delivering a fully functional TLS bind shell that executes entirely within an interpreter layer, all generated in one week with LLM assistance.
Snippet from the RSS feed
Centurion: Unleashing the LLM-Forged Virtualized Loader That Hides TLS Bind Shells Inside a Custom x86-64 ISA + Video - "Undercode Testing": Monitor hackers
