How to write a local PE Loader from scratch (for educational purposes)
This post takes you through the steps to write a custom PE loader that can load and execute a PE straight from memory.
Dec 1, 2024

Certified Red Team Operator (CRTO) in 2024 — My review & tips
Yesterday I had successfully passed the CRTO exam. Today I received the above badge in my email. I want to document my whole experience…
Nov 24, 2024

Voidgate: how to execute shellcode while keeping it encrypted
Voidgate evades AV/EDRs by decrypting and executing only one instruction of encrypted shellcode at a time, before re-encrypting it back.
Sep 28, 2024

Using syscalls to bypass User-land EDR hooks
This post discusses direct and indirect syscalls, and showcases how to use this idea to bypass user-land EDR hooks.
Sep 17, 2024

A Gentle Introduction to Syscalls in Windows
This post introduces the concept of syscalls in Windows, and all the relevant prerequisite concepts — System services, SSDTs and SSNs.
Sep 17, 2024

API hooking with Detours on Windows
This is an introduction to the concept of API hooking, and the Detours library to hook WinAPI functions.
Sep 8, 2024

IPFuscation — using IP addresses to obfuscate your sus payloads
It’s no news that most anti-malware programs will immediately detect your payload if it’s stored as-is in your malware. To overcome this…
Aug 20, 2024

Most people on Reddit might not even be people
This post is about how I found out a large proportion of Reddit users are actually bots, and how I tried to fight it and failed.
Aug 14, 2024

HackTheBox ‘Flippin Bank’ Walkthrough | Introduction to CBC Bit-flipping Attack
‘Flippin Bank’ is a crypto challenge on HackTheBox, and I loved it because it showcased a classic CBC bit-flipping attack.
Jul 13, 2021

How to execute an ELF in-memory — Living off the Land
Since Linux treats everything as a file, including memory, it is fairly easy to run an ELF executable from memory. Read on to find out…
Jun 9, 2021