|
You are here |
redops.at | ||
| | | | |
oldboy21.github.io
|
|
| | | | | Ciao World, since I can't get enough of playing around with the Reflective DLL that inspired the very first blog during the Christmas Holiday, after the YOLO Loader I decided to grant the little nasty DLL a new super-power: Indirect syscalls So what I will be addressing here is: Indirect syscall: why and (mostly) references SSN enum and PIC challenges 1 tb of MASM Disclaimer I write code and implement techniques for research and learning purposes only. | |
| | | | |
alice.climent-pommeret.red
|
|
| | | | | [AI summary] This technical article explains four dynamic methods (Hell's Gate, Halo's Gate, FreshyCalls, and Syswhispers2) used by attackers to bypass EDR hooks and retrieve syscall IDs by directly invoking Windows kernel services. | |
| | | | |
blacklight.sh
|
|
| | | | | A beginner's guide to bypassing EDR systems using APC queue injection and direct system calls. | |
| | | | |
blog.pkh.me
|
|
| | | |||