Explore >> Select a destination

You are here

 www.forrest-orr.net
Masking Malicious Memory Artifacts - Part II: Blending in with False Positives
| | thewover.github.io
Emulating Covert Operations - Dynamic Invocation (Avoiding PInvoke & API Hooks) - The Wover - Red Teaming, .NET, and random computing topics
4.3 parsecs away

Travel
| | TLDR: Presenting DInvoke, a new API in SharpSploit that acts as a dynamic replacement for PInvoke. Using it, we show how to dynamically invoke unmanaged code from memory or disk while avoiding API Hooking and suspicious imports.
| | toddcullumresearch.com
Portable Executable File Corruption Preventing Malware From Running - Todd Cullum Research
4.5 parsecs away

Travel
| | Important Disclaimer YOU MUST READ FIRST! Portions of this article contain source code from the Windows Research Kernel. This code is the intellectual property of Microsoft Corporation. I am using this code under special license in this post under these grounds of the license agreement: You may distribute snippets of this software in research... Read More
| | www.huntandhackett.com
Concealed code execution: Techniques and detection
4.2 parsecs away

Travel
| | After months of dedicated research we cover a wide range of concealed code execution techniques and investigate their mechanisms and how to detect them.
| | rot256.dev
ROT256 : Cryptography & Other Random Bits.
20.5 parsecs away

Travel
| A walk-through of real-world AES fault injection for dummies on a shoestring budget. Introduction In the post we will setup a microcontroller which encrypts using AES with an unknown key, then explore how to recover the full AES key from simply (randomly) glitching the power-supply which will introduce faults in the arithmetic during the computation of AES encryption. This post is designed to serve as a tutorial and enable the reader to follow along.