Obfuscating Command Line Arguments

Encoding command line arguments to evade detection.

Active Directory Persistence

Maintaining access to an Active Directory environment.

Mimikatz

A Mimikatz command reference.

Forged Kerberos Tickets

Generating forged Kerberos gold, silver and diamond tickets.

PowerView

A PowerView command reference.

LLVM Obfuscation

Setting up Obfuscator LLVM with Visual Studio 2022.

Encoding Shellcode as IP Addresses

Converting shellcode to look like a series of IP addresses.

Function Name Hashing

Replacing existing ROR13 function hash names in shellcode to evade signature based detection.

Module Stomping

Executing Shellcode from the address space of known good DLL’s.

Callback Shellcode Execution

Executing Shellcode using function callbacks.

Inline Function Hooking

Creating a C++ DLL to modify a target applications behaviour.

x64 Call Stack Walking

Walking an x64 call stack using UNWIND data structures.