You are here: cihansol.com

redteaming.co.uk
DLL Side-Loading or DLL Proxy loading allows an attacker to abuse a legitimate and typically signed executable for code-execution on a compromised system. MITRE has been keeping a log of this technique since 2017, and it continues to be a popular option by threat actors (For good reasons!) Proxy loading is very similar to DLL...

macrosec.tech
The first thing we need to do is to identify which DLL is crucial for Discord to run, because that is the DLL we will use to perform DLL hijacking. In order to find out, we need to open the file location of Discord and we see: To identify the COM keys of Chrome that we can use for COM hijacking, we use the tool Process Monitor to identify all the processes running when Chrome runs; we also discover the COM servers that are missing CLSIDs and the ones which don't require elevated privileges. We use the following filters:

0xcybery.github.io
This article aims to help you know and understand what normal behavior within a Windows operating system is.

oldboy21.github.io
Hello, Hello, Aloooooooo. After some time away from coding I am here again talking about sleeping masks. Thanks to the great cybersec community there is always something to work on. Last time in my blog I talked about how to hide a memory mapping (where in my case a ReflectiveDLL is loaded) from memory scanners. Particularly, SLEAPING and SWAPPALA techniques are used to swap the malicious mapping with a legit Microsoft DLL at the same address, at sleeping time.