/explore

Click through on any links that interest you or select the planets on the right to continue exploring the Outer Web.
You are here

theevilbit.github.io
| | mdanilor.github.io
5.1 parsecs away

Travel
| | A beginers guide into a Windows kernel stack overflow vulnerability from zero to advanced bypasses.
| | modexp.wordpress.com
4.9 parsecs away

Travel
| | Introduction Quick post about Windows System calls that I forgot about working on after the release of Dumpert by Cn33liz last year, which is described in this post. Typically, EDR and AV set hooks on Win32 API or NT wrapper functions to detect and mitigate against malicious activity. Dumpert attempts to bypass any user-level hooks...
| | www.malwaretech.com
5.0 parsecs away

Travel
| | Understanding the basics of user mode EDR hooking, common bypass techniques, and their limitations.
| | macrosec.tech
25.8 parsecs away

Travel
| The first thing we need to do is to identify which dll is crucial for discord to run because that is the dll we will use to perform dll hijacking. In order to find out, we need to open the file location of discord and we see: To identify the COM Keys of Chrome that we can use for COM Hijacking, we use the tool Process Monitor to identify all the processes running when Chrome runs, we also discover the COM servers that are missing CLSID's and the ones which don't require elevated privileges. We use the following filters: