Category: Malware Dev

Malware Dev

DLL Proxying

Using DLL’s as a persistence mechanism.

Malware Dev

LLVM Obfuscation

Setting up Obfuscator LLVM with Visual Studio 2022.

Malware Dev

Encoding Shellcode as IP Addresses

Converting shellcode to look like a series of IP addresses.

Malware Dev

Function Name Hashing

Replacing existing ROR13 function hash names in shellcode to evade signature based detection.

Malware Dev

Module Stomping

Executing Shellcode from the address space of known good DLL’s.

Malware Dev

Callback Shellcode Execution

Executing Shellcode using function callbacks.

Malware Dev

Inline Function Hooking

Creating a C++ DLL to modify a target applications behaviour.

Malware Dev

Disguising Client Side Payloads

Ways of making payloads a little less suspicious.

Malware Dev

User Mode APC Queue Injection

Using user-mode APC functions to execute code in remote processes.

Malware Dev

Sleep Masks

Writing sleep masks in x64 assembly.

Malware Dev

Offensive PowerShell

Using GetDelegateForFunctionPointer to execute Win32 API’s from memory in Powershell.

Malware Dev

Reflective DLL Injection

Executing DLL’s from memory.