2024

• 11 Nov Evading detection in memory - Pt 2: Improving Module Stomping (Advanced Module Stomping) + Sleep Obfuscation with heap/stack encryption
• 05 Nov Evading detection in memory - Pt 1: Sleep Obfuscation - Foliage
• 22 Jul Sideloading + Proxying in Custom Software
• 20 Jul shellcode Reflective DLL Injection
• 18 Jul Reflective DLL Injection
• 26 May Shellcode - Pt 4: Stager + Local Injection using Fibers
• 23 May Shellcode - Pt 3: Reverse Shell
• 21 May Shellcode - Pt 2: Finding Exported Function
• 18 May Shellcode - Pt 1: Finding Module(DLL) Address
• 18 May Evading Static Analysis
• 21 Apr EDR Evasion 101 - Pt 3: Direct Syscall
• 14 Apr EDR Evasion 101 - Pt 2: Ntdll Unhooking via Overwritte
• 08 Apr EDR Evasion 101 - Pt 1: EDR Architecture
• 09 Mar APC Queue Injection
• 22 Jan Classic Injection