Hi Guys, I am finally back after being busy with my relocation back to my home town. Today, I would like to share how to get the
Category: Reverse Engineering

Hide API Call Strings with Ordinals
Hi Reverser, Today, I would like to share a bit of my research regarding how to hide your Windows API calls from static analysis. Usually, when

Function Call with PUSH EAX and RETN
Hi Friends, Learning how malware creators develop their code is very inspiring because it involves some tricks to ensure their application can bypass the security

Extract Payload from Memory
Hi Guys, Today, I am going to share a basic, simple technique for malware analysts to extract a payload or binary from the

Local Priv Escalation with SMBGhost Exploitation
Hi Guys, I want to share my PoC with some EDRs. I found it interesting that all of the products cannot detect SMBGhost exploitation related to the

Bypass Sandbox with Targeted Encryption Key
Hi Guys, As malware developers, we need to ensure our malware is successfully delivered to the endpoint. We know that there are so many