Hi Malware Analyst, Yes finally after 4 months stop writting blog, I decided to refresh my malware analysis skill and try to write a simple
Category: Reverse Engineering
Less Detectable with PPID Spoofing
Hi Friends, Another small code that allow you to be less detectable on injecting your malware. I found the code from ired.team is very direct
Hiding Process Cmdline Argument
Hi Developer, Another trick that I want to share with you on making your malicious process is less suspicious. Many EDRs use the cmdline parameter
Less suspicious with module stomping
Hi Friends, I would like to continue on sharing a simple tutorial on making your payload injection less supicious to AV detection. As a common
HellGate Technique on AV Bypass
Hi Friends, Yet another simple tutorial post regarding on how to bypass AV detection during payload injection. As mentioned in my previous post that one
Process unhooking by reading ntdll.dll fresh copy
Hi All, I am going to share a simple code to allow you to unhook AV engine from the NTDLL by overwritting dll loaded into
Cyber Security Architect | Red/Blue Teaming | Exploit/Malware Analysis 