Forged Kerberos Tickets

Generating forged Kerberos gold, silver and diamond tickets.

PowerView

A PowerView command reference.

LLVM Obfuscation

Setting up Obfuscator LLVM with Visual Studio 2022.

Encoding Shellcode as IP Addresses

Converting shellcode to look like a series of IP addresses.

Function Name Hashing

Replacing existing ROR13 function hash names in shellcode to evade signature based detection.

Module Stomping

Executing Shellcode from the address space of known good DLL’s.

Callback Shellcode Execution

Executing Shellcode using function callbacks.

Inline Function Hooking

Creating a C++ DLL to modify a target applications behaviour.

x64 Call Stack Walking

Walking an x64 call stack using UNWIND data structures.

Disguising Client Side Payloads

Ways of making payloads a little less suspicious.

User Mode APC Queue Injection

Using user-mode APC functions to execute code in remote processes.

Sleep Masks

Writing sleep masks in x64 assembly.