Generating forged Kerberos gold, silver and diamond tickets.
PowerView
A PowerView command reference.
LLVM Obfuscation
Setting up Obfuscator LLVM with Visual Studio 2022.
Encoding Shellcode as IP Addresses
Converting shellcode to look like a series of IP addresses.
Function Name Hashing
Replacing existing ROR13 function hash names in shellcode to evade signature based detection.
Module Stomping
Executing Shellcode from the address space of known good DLL’s.
Callback Shellcode Execution
Executing Shellcode using function callbacks.
Inline Function Hooking
Creating a C++ DLL to modify a target applications behaviour.
x64 Call Stack Walking
Walking an x64 call stack using UNWIND data structures.
Disguising Client Side Payloads
Ways of making payloads a little less suspicious.
User Mode APC Queue Injection
Using user-mode APC functions to execute code in remote processes.
Sleep Masks
Writing sleep masks in x64 assembly.