MemFuck: Bypassing User-Mode Hooks
I am a recent college graduate, and am actively looking for a job in the cyber security industry. If my work here interests you, and… Read More »MemFuck: Bypassing User-Mode Hooks
Static Detection of Portable Executable Files
I am a recent college graduate, and am actively looking for a job in the cyber security industry. If my work here interests you, and… Read More »Static Detection of Portable Executable Files
Fuzzing the Windows API for AV Evasion
What is emulation? Malware Detection Systems (MDSs) use a technique called emulation as perhaps their most effective weapon against novel malware threats. Emulation does not… Read More »Fuzzing the Windows API for AV Evasion
TRunPE
is a modified process hollowing technique capable of injecting entire PE files. What is process hollowing? Process hollowing or RunPE is a code injection technique… Read More »TRunPE
ShellcodeStdio
is an extensible framework for easily writing debuggable, compiler optimized, position-independent, x86 and x64 shellcode for windows platforms. I will be demonstrating how to write… Read More »ShellcodeStdio