Hi Friends, Another small code that allow you to be less detectable on injecting your malware. I found the code from ired.team is very direct
Category: Malware
Hiding Process Cmdline Argument
Hi Developer, Another trick that I want to share with you on making your malicious process is less suspicious. Many EDRs use the cmdline parameter
Less suspicious with module stomping
Hi Friends, I would like to continue on sharing a simple tutorial on making your payload injection less supicious to AV detection. As a common
HellGate Technique on AV Bypass
Hi Friends, Yet another simple tutorial post regarding on how to bypass AV detection during payload injection. As mentioned in my previous post that one
Process unhooking by reading ntdll.dll fresh copy
Hi All, I am going to share a simple code to allow you to unhook AV engine from the NTDLL by overwritting dll loaded into
Classic Payload Injection (CreateRemoteThread)
I am continuing the last post regarding the process enumeration that we can use to find the target process that become the host of our
Cyber Security Architect | Red/Blue Teaming | Exploit/Malware Analysis 