Search

⌃K

Links

2023

Windows Processes, Nefarious Anomalies, And You

Maelstrom #7: Static OpSec Review

Maelstrom #6: Working with AMSI and ETW for Red and Blue

Maelstrom #5: EDR Kernel Callbacks, Hooks, and Call Stacks

Maelstrom #4: Writing a C2 Implant

Maelstrom #3: Building the Team Server

Maelstrom #2: The C2 Architecture

Maelstrom #1: An Introduction

Obfuscating Reflective DLL Memory Regions with Timers

Inside Get-AuthenticodeSignature

2022

Digging into PssCaptureSnapshot for LSASS Dumping

Protecting the Heap: Encryption & Hooks

Implementing SysCall Detection into Fennec

Bluffy the AV Slayer

SamAccountName Spoofing & Domain Controller Impersonation (CVE-2021-42287 & CVE-2021-42278)

Greta: Windows Crypto, and Recursive Keying

Exploring DLL Loads, Links, and Execution

WinRM Reflective DLLs and Aggressor Scripts

Using SecureString to protect Malware

Deep Diving Process Injection

Powered By GitBook

🏡

Home

Posts written by the pre.empt team 🔥

Last modified 8d ago

Copy link