Search

⌃K

Links

2023

Maelstrom #7: Static OpSec Review

Maelstrom #6: Working with AMSI and ETW for Red and Blue

Maelstrom #5: EDR Kernel Callbacks, Hooks, and Call Stacks

Maelstrom #4: Writing a C2 Implant

Maelstrom #3: Building the Team Server

Maelstrom #2: The C2 Architecture

Maelstrom #1: An Introduction

Inside Get-AuthenticodeSignature

Obfuscating Reflective DLL Memory Regions with Timers

Through The EDR Lens

Windows Processes, Nefarious Anomalies, And You

2022

Digging into PssCaptureSnapshot for LSASS Dumping

Protecting the Heap: Encryption & Hooks

Implementing SysCall Detection into Fennec

Bluffy the AV Slayer

SamAccountName Spoofing & Domain Controller Impersonation (CVE-2021-42287 & CVE-2021-42278)

Greta: Windows Crypto, and Recursive Keying

Exploring DLL Loads, Links, and Execution

WinRM Reflective DLLs and Aggressor Scripts

Using SecureString to protect Malware

Deep Diving Process Injection

Powered By GitBook

Comment on page

🏡

Home

Posts written by the pre.empt team 🔥

Last modified 18h ago