Infrastructure

Active Directory Persistence

Maintaining access to an Active Directory environment.

Cheat Sheets

Mimikatz

A Mimikatz command reference.

Infrastructure

Forged Kerberos Tickets

Generating forged Kerberos gold, silver and diamond tickets.

Cheat Sheets

PowerView

A PowerView command reference.

Malware Dev

LLVM Obfuscation

Setting up Obfuscator LLVM with Visual Studio 2022.

Malware Dev

Encoding Shellcode as IP Addresses

Converting shellcode to look like a series of IP addresses.

Malware Dev

Function Name Hashing

Replacing existing ROR13 function hash names in shellcode to evade signature based detection.

Malware Dev

Module Stomping

Executing Shellcode from the address space of known good DLL’s.

Malware Dev

Callback Shellcode Execution

Executing Shellcode using function callbacks.

Malware Dev

Inline Function Hooking

Creating a C++ DLL to modify a target applications behaviour.

Security Engineering

x64 Call Stack Walking

Walking an x64 call stack using UNWIND data structures.

Malware Dev

Disguising Client Side Payloads

Ways of making payloads a little less suspicious.