Posts
- EDR Internals for macOS and Linux
  Analyzing commercial endpoint security products
- Unmanaged .NET Patching
  Modify managed functions from unmanaged code
- Mockingjay Memory Allocation Primitive
  Reusing RWX regions from legitimate modules for process injection
- Avoiding Memory Scanners
  Customizing Malware to Evade YARA, PE-sieve, and More
- Using DNS over HTTPS for Cobalt Strike
  DNS over HTTPS is an underappreciated channel for command and control
- Multi-Stage Offensive Operations with Mythic
  Mythic, or something like it, is the future of modern offensive operations