Using hashcat to reveal Windows passwords.
Assuming other users' identities by copying access tokens.
Using fibers instead of threads to run shellcode.
Modifying the Process Environment Block for process argument spoofing.
Evading Windows Defender memory scanning.
CreateRemoteThread Process Injection in C#.
Bypassing ETW userland hooks.
Bypassing AMSI when using Assembly.Load.
Using the Domain Name System as a Command & Control mechanism.
Tunneling C2 messages in ICMP traffic.
Exploiting use-after-free vulnerabilities.
Tampering with the top chunk size field for an arbitrary write primitive.