EDR Evasion 101 - Pt 3: Direct Syscall
Demonstration of the use of direct syscalls to evade the user-mode hooking carried out by EDR, along with the advantages of the technique and possible ways to improve it.
How to remove EDR hooks (byte patching hooking) in ntdll.
I will talk about the architecture and detections of Endpoint Detection and Response (EDR). I will briefly go over each topic, but the focus is on building a better understanding of how it works as an ...
In this article, I will address process injection, focusing on Asynchronous Procedure Calls (APC) combined with evasion techniques, and some important OPSEC warnings for your upcoming Red Team engagements.
This will be an analysis of a simple Local Stager Payload Injection that I created myself and that is currently bypassing Windows Defender. I will explain how it is done and dissect it.