Introduction

A blog about the things that matter

• Assembly Snippets for Windows
• Breaking into the DllMain
• How to compile/build openssl
• Skeleton Code to Create Control Panel Items
• How-to: Determine if a DLL is .NET assembly (.NET DLL)
• A dynamic link library (DLL) initialization routine failed.
• Skeleton Code to Create PoC DLL
• DLL Search Order Hijacking
• Revisited: DLL Search Order
• Enumerating Device Drivers: implementation and connection with APTs
• Exporting functions from DLL using the actual function name
• Generic Random Notes
• How to setup a local SMTP mail server for testing tools
• PE Parser in Windows API
• Anthology of persistent execution techniques on Linux
• Windows shellcode launching techniques
• Persistence: Component Object Model (COM) hijacking
• Persistence 101: Looking at the Startup directory as attacker and defender
• Persistence and Privilege Escalation on Windows via Print Monitors
• Persistence and Privilege Escalation on Windows via Print Processors
• Persistence 101: Looking at the Scheduled Tasks
• Persistence and Privilege Escalation on Windows via Time Providers
• Persistence and Privilege Escalation on Windows via Windows Management Instrumentation Event Subscription