Jul 16, 2017
Inject All The Things
Well, its 2017 and I’m writing about DLL injection. It could be worse. DLL injection is a technique used by legitimate software to add/extend functionality to other programs, debugging, or reverse engineering. It is also commonly used by malware in a multitude of ways. This means that from a security perspective, it’s imperative to know how DLL injection works.
- Apr 8, 2017 kcshell: assembly/disassembly shell
Dec 3, 2016
hunting (l)users using WinAPI calls only
During Red Team engagements it is common to track/hunt specific users. Assuming we already have access to a desktop as a normal user (no matter how, always “assume compromise”) in a Windows Domain and we want to spread laterally.