Using DLLs as a persistence mechanism.
Category: Malware Dev
Function Name Hashing
Replacing existing ROR13 function hash names in shellcode to evade signature-based detection.
Offensive PowerShell
Using GetDelegateForFunctionPointer to execute Win32 APIs from memory in PowerShell.