Module Stomping 101 - My Favorite Stomping Grounds
It probably comes as no surprise to most of my dedicated readers that I have an undying fascination with all things related to code injection and evasive man...
Bypassing EDR using an In-Memory PE Loader
It’s high time we get another blog post going, and what better time than now to talk about PE loaders! Specifically, an In-Memory PE Loader. 😸 In short, we’...
Using Direct Syscalls with an In-Memory PIC Shellcode Loader
Today’s post began in an unusual manner lol. I wanted to explore the basic concept of creating an in-memory shellcode loader using APIs from the Wininet.h l...
How to Create a Staged In-Memory .NET Reflective Shellcode Loader
I’ve had a lot of questions get tossed around about EDR Bypass and Shellcode Loaders lately. The familiar dilemma ends up as follows:
Buffer Overflows in the Modern Era - Part 5
It’s the moment you’ve all been waiting for. I realize I’ve been building anticipation for the actual bypassing ASLR aspect of this series for a long time n...