Introduction I started building this tool a few months ago purely out of curiosity just to see if I could hunt for specific patterns in memory for Phantom ASP.Net Loader. But one feature led to another, and it quickly evolved into something much more substantial. It’s become a core future project for me, and I’m … Read more
Introduction Hello, fellow Zig programming enthusiasts! In this blog post, I’ll walk you through the process of implementing of well-known and classic technique “Hell’s Gate ” —a method for making direct Windows system calls by extracting syscall numbers from ntdll.dll. Hell’s Gate is popular in malware for evading API monitoring, as it used to bypass … Read more
Introduction In 2023, Microsoft launched Copilot for Office 365. Recently, they expanded its functionality to include integration with Notepad in 2025, allowing users to request the AI assistant to rewrite paragraphs or text. In this blog post, I will share my technical observations and explore how Notepad AI services, as well as similar applications with … Read more
Introduction In this blog post, using WMI we’ll leverage Windows Management Instrumentation (WMI) to extract the loaded modules of a specific process and understand how to get each module base address, show the advantages and the ability to perform ShellCode injection in .text section directly using a technique shared before by Netero1010 Security Lab Advantages … Read more
Introduction This blog post will explore how to embed malicious payload into the RDP configuration file. By leveraging the innate properties of the file extensions and specific RDP configuration parameters, I have successfully injected malicious content without impeding the file’s intended functionality. Today’s topic delves into the technical details of this defense evasion technique and … Read more
MITRE : CVE-2022-46637 Advisory: exploit Intro Last October, I was planning to visit the philippine to get some rest away from work and life pressure. And I would say that was a great direction to relax and enjoy the beauty of nature. It was a joyful stay, But I was struggling with the quality of … Read more
introduction and here we are in part three of this series, and in this blog post, I am going to finish the operational part of our c2c that includes a stable demo with a very straightforward execution flow. before start explaining the topic for today, there are some questions asked about why I want the … Read more
In memory of Terry Davis (August 11, 2018) an idiot admire complexity, a genius admires simplicity Terry Davis In this part, I will continue developing the team server for the operator side and designing the operator GUI interface. since the topic will contain several cod blocks, I have done the workshop videos via twitch and … Read more
Introduction Over a while, the development of c2c has increased rapidly, including the number of new commercial frameworks, which I will not mention because I am not here to advertise any, and there are awesome open-sourced projects such as sliver, Covenant, and many more. In this article, I will shed light on the uncovered offensive … Read more
What is Zero Trust Security? Zero Trust security is an IT security model that requires strict identity verification for every person and device trying to access resources on a private network, regardless of whether they are sitting within or outside of the network perimeter. ZTNA is the main technology associated with Zero Trust architecture, but Zero Trust is a holistic … Read more
