Using hashcat to reveal Windows passwords.
Assuming other users identities by copying access tokens.
Using fibers instead of threads to run shellcode.
Modifying the Process Environment Block for process argument spoofing.
Evading Windows Defender memory scanning.
CreateRemoteThread Process Injection in C#
Bypassing ETW userland hooks.
Bypassing AMSI when using Assembly.Load.
Using the Domain Name System as a Command & Control mechanism.