|
You are here |
cocomelonc.github.io | ||
| | | | |
modexp.wordpress.com
|
|
| | | | | Introduction Quick post about Windows System calls that I forgot about working on after the release of Dumpert by Cn33liz last year, which is described in this post. Typically, EDR and AV set hooks on Win32 API or NT wrapper functions to detect and mitigate against malicious activity. Dumpert attempts to bypass any user-level hooks... | |
| | | | |
bohops.com
|
|
| | | | | Introduction Process Injection is a popular technique used by Red Teams and threat actors for defense evasion, privilege escalation, and other interesting use cases. At the time of this publishing, MITRE ATT&CK includes 12 (remote) process injection sub-techniques. Of course, there are numerous other examples as well as various and sundry derivatives. Recently, I was... | |
| | | | |
wsummerhill.github.io
|
|
| | | | | Malware Development Introduction (aka Malware Dev 101), Part 2 - Evasion Basics | |
| | | | |
0xcybery.github.io
|
|
| | | Bypass Windows Defender in Windows 11. | ||