Today, I would like to share a small tutorial and a small piece of code that allows adversaries to do a little anti-forensics on their process.
Category: Reverse Engineering
Memory Protection Fluctuation
Hi Brother, I am writing this short tutorial just to share some basics on how malware evades memory scanning. This is not
Windows API Hooking
Hi Friend, reading some articles on how EDR is able to hook its API into Windows APIs to detect malicious interaction between applications and
Basic File Information Query (NtQueryInformationFile)
Hi Guys, I would like to share a small chunk of code to get basic file information. This code is the basic and the
Cyber Triage
Hi Friend, I am writing this to share my experience using an application called Cyber Triage, which really helps with endpoint investigation. https://www.cybertriage.com/ As you
Control Flow Flattening CFF
Hi Man, I am going to write a sample of Control Flow Flattening (CFF) code in C++. Control flow flattening has been used by