Using fibers instead of threads to run shellcode.
Modifying the Process Environment Block for process argument spoofing.
Evading Windows Defender memory scanning.
CreateRemoteThread process injection in C#.
Bypassing ETW userland hooks.
Bypassing AMSI when using Assembly.Load.
Using the Domain Name System as a Command & Control mechanism.
Tunneling C2 messages in ICMP traffic.
Exploiting use-after-free vulnerabilities.
Tampering with the top chunk size field for an arbitrary write primitive.
Exploiting heap corruption on Ubuntu 20.04.
Exploiting heap thread caching on glibc 2.26.