|
You are here |
pentestlaboratories.com | ||
| | | | |
pentestlab.blog
|
|
| | | | | When a program is starting a number of DLL's are loaded into the memory space of it's process. Windows is searching the DLL's that are required by the process by looking into the system folders in a specific order. Hijacking the search order can be used in red teaming scenarios to identify privilege escalation and... | |
| | | | |
bohops.com
|
|
| | | | | Yes, you read that correctly - "Dynamic Pinvoke" as in "Dynamic Platform Invoke" Background Recently, I was browsing through Microsoft documentation and other blogs to gain a better understanding of .NET dynamic types and objects. I've always found the topic very interesting mainly due to its relative obscurity and the offensive opportunities for defensive evasion.... | |
| | | | |
thewover.github.io
|
|
| | | | | TLDR: Presenting DInvoke, a new API in SharpSploit that acts as a dynamic replacement for PInvoke. Using it, we show how to dynamically invoke unmanaged code from memory or disk while avoiding API Hooking and suspicious imports. | |
| | | | |
mazinahmed.net
|
|
| | | Application and Infrastructure Security Engineering | ||