Hiding In PlainSight - Indirect Syscall is Dead! Long Live Custom Call Stacks
https://0xdarkvortex.dev/proxying-dll-loads-for-hiding-etwti-stack-tracing/
Join @eversinc33 this Wednesday April 12th at 2PM EST in the Prelude discord to talk "Intro to Syscalls for Windows Malware" #malware #maldev #redteam https://discord.gg/fZbfdUQM4A
We're going live with frank2 in 1 hour in the Prelude community Discord. Everyone is welcome to drop in and learn about writing a packer in C++!!
If you're new to #malware #maldev you should take a look at huskyhacks' blog post on #nimlang; it's a great hands-on guide to basic hacking with Nim. https://huskyhacks.dev/2021/07/17/nim-exploit-dev/
From Process Injection to Function Hijacking
This post is about FunctionHijacking, a "new" process injection technique built upon Module/Function Stomping, along with experiments to break behavior-based detection of other common process injection techniques.
https://klezvirus.github.io/RedTeaming/AV_Evasion/FromInjectionToHijacking/
#research #redteam #maldev #evasion #av