Archives
- 09 Mar Toast phishing operations: Abusing Windows notifications for initial access
- 09 Mar Reverse engineering a trojanized VSCode extension
- 09 Mar Windows Persistence (Part 1): Default file extension hijacking
- 02 Mar Exploring the Kernel-Mode attack surface: Reverse engineering a vulnerable Driver abused to terminate EDRs
- 02 Mar APC injection
- 06 Feb Process Injection - DLL Injection
- 23 Jan Constructing an evasive keylogger for security research
- 15 Nov Nefilim Ransomware: Reverse Engineering
- 15 Nov Ransomware: reversing what was (supposedly) irreversible
- 09 Nov Building a Debugger from Scratch: Part 2 - Process Exploration and Debug Control
- 02 Nov Building a Debugger from Scratch: Part 1 - Windows User-Mode Debugger Core
- 25 Oct Dynamic loader in C: Part 1 - downloading and executing shellcode in memory
- 09 Sep Code Cave Exploitation
- 18 Aug AES as an Obfuscation Layer in Malware Payloads: Bypassing Windows Defender
- 14 Jun Exploiting SEH Overwrite Vulnerabilities in Windows Applications
- 03 Jun Building and Detecting a Backdoor: Dynamic Analysis and YARA Rules
- 06 Apr Exploit Development for Buffer Overflow