Hi Friend, reading some article on how the EDR is able to hook its API into the Windows API to detect the malicious interaction between application and
Basic File Information Query (NtQueryInformationFile)
Hi Guys, I would like to share a small chunk of code to get the basic file information. This code is the basic and the
Cyber Triage
Hi Friend, I am writing this to share my experience using an application called Cyber Triage, which really helps with endpoint investigation. https://www.cybertriage.com/ As you
Timestomping
Hi Friend, it has been a while since I updated this blog. That does not mean I have stopped doing research. Today, I would like
Control Flow Flattening CFF
Hi Man, I am going to write a sample of Control Flow Flattening (CFF) code in C++. Control flow flattening has been used by
Extracting PE from Memory using Process Hacker
Hi Friends, I am creating a very simple tutorial on extracting malware from memory. I made two simple applications, where the first one will