Replacing existing ROR13 function hash names in shellcode to evade signature based detection.

Executing Shellcode from the address space of known good DLL’s.

Executing Shellcode using function callbacks.

Creating a C++ DLL to modify a target applications behaviour.

Ways of making payloads a little less suspicious.

Using user-mode APC functions to execute code in remote processes.

Writing sleep masks in x64 assembly.

Using GetDelegateForFunctionPointer to execute Win32 API’s from memory in Powershell.

Executing DLL’s from memory.

Injecting DLL’s into remote processes.