Explore >> Select a destination
|
You are here 
|
redteaming.co.uk | ||
| | | | |
macrosec.tech
|
|
| | | | | The first thing we need to do is to identify which dll is crucial for discord to run because that is the dll we will use to perform dll hijacking. In order to find out, we need to open the file location of discord and we see: To identify the COM Keys of Chrome that we can use for COM Hijacking, we use the tool Process Monitor to identify all the processes running when Chrome runs, we also discover the COM servers that are missing CLSID's and the ones which don't require elevated privileges. We use the following filters: | |
| | | | |
pentestlab.blog
|
|
| | | | | DLL Proxy Loading is a technique which an arbitrary DLL exports the same functions as the legitimate DLL and forwards the calls to the legitimate DLL in an attempt to not disrupt the execution flow so the binary is executed as normal. The technique falls under the category of DLL Hijacking and it is typically... | |
| | | | |
pentestlaboratories.com
|
|
| | | | | Microsoft .NET framework is being heavily utilized by threat actors and red teams for defense evasion and staying off the radar during operations. Every .NET binary contains application domains where assemblies are loaded in a safe manner. The AppDomainManager object can be used to create new ApplicationDomains inside a .NET process. From the perspective of... | |
| | | | |
zylinski.se
|
|
| | | In my book Understanding the Odin Programming Language I wrote that "Odin incorporates some of my favorite C best practices, straight into the language". But I didn't really elaborate on the details. Let's do that here! This brings me to talking a bit about a previous job I had. Back in 2021 I worked at a place called Our Machinery. We were creating a whole game engine in plain C. We used a very comfortable and powerful way to program C. | ||
