You are here: oldboy21.github.io

Nearby destinations:

bruteratel.com (4.9 parsecs away)
This blog is in relation to some of the hurdles I've met while debugging and researching various new features for Brute Ratel. Before we get started, let me inform you that this blog is not for beginners. It requires some knowledge about Windows internals, exception handlers, and getting your hands dirty with a debugger, preferably x64dbg. And to add to that, there's limited to near zero information on the web related to this topic, thus I spent the last 24 hours researching and writing this from scratch while being high on caffeine.

modexp.wordpress.com (4.5 parsecs away)
Introduction: Quick post about Windows system calls that I forgot about working on after the release of Dumpert by Cn33liz last year, which is described in this post. Typically, EDR and AV set hooks on Win32 API or NT wrapper functions to detect and mitigate against malicious activity. Dumpert attempts to bypass any user-level hooks...

blog.quarkslab.com (4.5 parsecs away)
[AI summary] The blog post discusses the implementation of a hooking mechanism for Go programs, focusing on the challenges of intercepting function calls and managing concurrency issues. The approach involves modifying the execution flow of Go functions by inserting custom assembly code to handle stack pivoting, ABI switching, and register saving. This allows for the integration of C functions within Go code while addressing platform-specific limitations and concurrency problems. The post highlights the complexity of working with Go's internal structures and the benefits of using Go for hooking, as it simplifies the manipulation of Go types and data structures.

begriffs.com (22.9 parsecs away)
How to build, version, and install libraries