/explore

Click through on any links that interest you or select the planets on the right to continue exploring the Outer Web.
You are here

alice.climent-pommeret.red
| | cocomelonc.github.io
2.3 parsecs away

Travel
| | [AI summary] An author demonstrates a custom C++ implementation of WinAPI GetProcAddress using the Windows PEB to bypass antivirus detection in malware analysis.
| | oldboy21.github.io
4.5 parsecs away

Travel
| | Reflective DLL After some time spent on implementing a Reflective DLL and its beloved Loader/Injector I thought that it could have been a very great first topic for what it might become a long-ish series of blog posts about security, but mostly struggles and C(++). First reason is that I felt like I was struggling a bit finding resources that would really take the topic as a whole and explain any single step, and the reasoning behind it.
| | modexp.wordpress.com
2.2 parsecs away

Travel
| | Introduction Quick post about Windows System calls that I forgot about working on after the release of Dumpert by Cn33liz last year, which is described in this post. Typically, EDR and AV set hooks on Win32 API or NT wrapper functions to detect and mitigate against malicious activity. Dumpert attempts to bypass any user-level hooks...
| | bellard.org
20.5 parsecs away

Travel
| [AI summary] The author describes the Obfuscated Tiny C Compiler (OTCC), a minimal self-hosting C compiler created for the IOCCC that generated portable i386 ELF executables from a 2048-byte source code limit.