Malware Dev

Inline Function Hooking

Creating a C++ DLL to modify a target applications behaviour.

Security Engineering

x64 Call Stack Walking

Walking an x64 call stack using UNWIND data structures.

Malware Dev

Disguising Client Side Payloads

Ways of making payloads a little less suspicious.

Malware Dev

User Mode APC Queue Injection

Using user-mode APC functions to execute code in remote processes.

Malware Dev

Sleep Masks

Writing sleep masks in x64 assembly.

Malware Dev

Offensive PowerShell

Using GetDelegateForFunctionPointer to execute Win32 API’s from memory in Powershell.

Cheat Sheets

WinDBG

A list of common WinDBG commands.

Malware Dev

Reflective DLL Injection

Executing DLL’s from memory.

Malware Dev

DLL Injection

Injecting DLL’s into remote processes.

Malware Dev

Interacting with Foreign Handlers

Writing stagers to interact with foreign C2 frameworks.

Cheat Sheets

Metasploit

A Metasploit command reference.

Infrastructure

Active Directory Schema Modification

Changing default security descriptor properties to escalate from a child to parent domain.