To date, we've reviewed techniques such as shellcode loading and encryption, circumventing detection, and building in our own syscalls. Today, I'm releasing Alaris, a new shellcode loader that will utilize many of the previous techniques discussed within this blog as well as add a few new...
Low Level Process Injection using QueueUserAPC() via direct x86 asm syscalls to bypass AV, EDR, and Sysmon....
Process Injection using Direct Syscalls and CreateRemoteThread...
A simple Python3 framework for obtaining, analyzing, and categorizing Onion Domains...
In a previous post, Vulnserver KSTET Egg Hunter, we looked at how we can use an egghunter to obtain code execution within a larger chunk of memory. In this post, we will look at the KSTET Socket re-use WS2_32.dll recv() function and how we can...