Hi Friends, Yet another simple tutorial post regarding on how to bypass AV detection during payload injection. As mentioned in my previous post that one
Category: Reverse Engineering
Process unhooking by reading ntdll.dll fresh copy
Hi All, I am going to share a simple code to allow you to unhook AV engine from the NTDLL by overwritting dll loaded into
Classic Payload Injection (CreateRemoteThread)
I am continuing the last post regarding the process enumeration that we can use to find the target process that become the host of our
Basic Windows Process Enumeration
Hi Guys, After taking some times to take some doing many other things, I am finally back writting small tutorial at my blog. If you
Basic Patch Diffing with IDA and BinDiff
Hi everyone, I would like to share some basic patch diffing in this post. why patch diffing is important because it helps you to analyze
Cyber Security Architect | Red/Blue Teaming | Exploit/Malware Analysis 